Cybersecurity researchers uncovered a persistent Magecart campaign active since 2022 that targets WooCommerce websites by injecting malicious JavaScript to create fake checkout interfaces. The malware mimics legitimate Stripe payment forms to capture credit card details from major networks before exfiltrating the data and triggering a fake error message to mask the theft. The script utilizes advanced evasion techniques, including encryption and a feature that automatically hides the malicious code when it detects a logged-in site administrator.
Sophisticated Magecart campaign steals credit card data via fake Stripe forms
Paul Drecksler is the founder and editor of Shopifreaks E-commerce Newsletter, covering the most important stories in e-commerce.
Never miss important e-commerce news
Our weekly newsletter is read religiously by 20,000+ e-commerce professionals.