Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores

The Hacker News by The Hacker News
February 10, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Feb 10, 2025Ravie LakshmananMalware / Payment Security

Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites.

Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and advertising purposes, contains an obfuscated backdoor capable of providing attackers with persistent access.

As of writing, as many as three sites have been found to be infected with the GTM identifier (GTM-MLHK2N68) in question, down from six reported by Sucuri. GTM identifier refers to a container that includes the various tracking codes (e.g., Google Analytics, Facebook Pixel) and rules to be triggered when certain conditions are met.

Further analysis has revealed that the malware is being loaded from the Magento database table “cms_block.content,” with the GTM tag containing an encoded JavaScript payload that acts as a credit card skimmer.

Cybersecurity

“This script was designed to collect sensitive data entered by users during the checkout process and send it to a remote server controlled by the attackers,” security researcher Puja Srivastava said.

Upon execution, the malware is designed to pilfer credit card information from the checkout pages and send it to an external server.

This is not the first time GTM has been abused for malicious purposes. In April 2018, Sucuri revealed that the tool was being leveraged for malvertising purposes.

The development comes weeks after the company detailed another WordPress campaign that likely employed vulnerabilities in plugins or compromised admin accounts to install malware that redirected site visitors to malicious URLs.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
AHEAD Among Elite 150 on CRN’s MSP 500 List for 2025

AHEAD Among Elite 150 on CRN's MSP 500 List for 2025

Recommended.

KI, die für alle funktioniert: TELUS ist stolz auf seine Teilnahme am UN AI for Good Global Summit 2025

KI, die für alle funktioniert: TELUS ist stolz auf seine Teilnahme am UN AI for Good Global Summit 2025

July 18, 2025
NORDEN reports net profit of USD 33 million (DKK 234 million) in Q1 2025

NORDEN reports net profit of USD 33 million (DKK 234 million) in Q1 2025

May 1, 2025

Trending.

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Anaconda Extends AI-Native Application Development With Acquisition

Anaconda Extends AI-Native Application Development With Acquisition

May 1, 2026
AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

January 30, 2026
AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

April 21, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio