It's Cyber Monday, following record-breaking Black Friday sales (according to Forbes magazine), and the Christmas rush is fast approaching - all against the backdrop of SessionReaper targeting Magento/Adobe Commerce sites and a significantly growing number of hacked sites worldwide.
As of this morning, we can see over 50,000 domains with indicators of compromise - with nearly 90% of the detected malware targeting eCommerce payment data.
The main categories of malware detected are digital skimmers (also known as e-Skimmers) and digital loaders (first stage of a multi-stage attack).
With record sales, online retailers are a seriously interesting target for criminals, and the significant rise in hacked sites over previous weeks and months shows that the industry is in a battle with advanced criminals.

As can be seen from this chart, it appears that digital skimmers are increasing relative to loaders, once again. An interesting trend to watch.
Most of these sites do not know that they are hacked and have active digital skimmers stealing their customer data - transaction by transaction.
The threats are evolving as quickly as we've ever seen - largely in response to the industry getting better at detecting standard skimmers. The criminals have to keep evolving to evade detection - especially by the likes of Google and other "generalist secure scanners" - to maximise their harvest of payment data.
While we do get the occasional enquiry for help from a merchant who has been flagged by Google as being hacked, it is a rare occurrence - in fact, most of the hacked sites we assist are referred to us via their payment processor or the card brands. And in many cases they remain adamant that they have not been breached until ThreatView shows them the malware lurking within their website.
With the Festive Season in full swing, we'd urge you to monitor your site for threats and keep it secure, so that your customers' data and your business stay safe (from legal, regulatory and financial liabilities).
And if you are not yet monitoring your site with ThreatView Advanced Edition, you can protect your site by signing up here.
At Turaco Labs, our ThreatView telemetry has detected a concerning spike in compromised PrestaShop websites. As of this morning, we have identified 327 hacked sites actively running payload loaders or digital skimmer malware.
PrestaShop has recently issued a security alert warning store owners about a digital skimmer threat targeting their platform. If you're running a PrestaShop store, this is an important reminder to verify your site's security.
With growing numbers of clients hosting with WP Engine, we felt it may be useful to highlight how WordPress eCommerce site security is handled by combining WP Engine and ThreatView.
TLDR: WP Engine gives you high-performance managed WordPress hosting. ThreatView Advanced makes sure your website stays secure.