Cybersecurity experts have discovered a new trick that hackers have been using to steal credit card details from online shoppers. The attack targets websites built with Magento, an e-commerce platform used by many online stores. Hackers are misusing Google Tag Manager (GTM) to sneak malicious code onto websites.
This code is designed to capture credit card details when customers are checking out, according to The Hacker News. Google Tag Manager is a tool that helps website owners and marketers manage and add tracking and marketing tags to their websites or mobile apps. The hackers insert malicious code into the website that resembles normal Google Analytics tracking.
This code contains hidden instructions that allow the hackers to access the website secretly. When a customer enters their credit card information, the malicious code sends this data to the hackers. As of the latest report, three websites have been found infected with the malicious GTM identifier (GTM-MLHK2N68), down from six initially reported.
Hackers exploit Google Tag Manager
However, experts warn that more sites could still be affected. Recently, two people from Romania were charged in the US for their roles in a credit card theft scheme.
Tips for safer online shopping:
– Use trusted, well-known websites for online purchases whenever possible. – Regularly check your credit card statements for any suspicious charges. – Consider using virtual credit cards or payment services that don’t share your actual card number with merchants.
For online store owners, especially those using Magento:
– Regularly check and update your website’s security. – Be cautious about what tools and scripts you add to your site. – Consider hiring a cybersecurity expert to review your website’s security.
Cybersecurity breaches remain a growing concern for both consumers and businesses. Staying vigilant and taking preventive measures can help mitigate these risks.
