Magecart gang hides PHP-based web shells in favicons

MAgecart favicon web shells

Magecart cybercrime gang is using favicon to hide malicious PHP web shells used to maintain remote access to inject JavaScript skimmers into online stores. Magecart hackers are distributing malicious PHP web shells hidden in website favicon to inject JavaScript e-skimmers into online stores and steal payment information. Researchers from Malwarebytes observed threat actors, likely Magecart … Continue reading Magecart gang hides PHP-based web shells in favicons

Security Affairs