In today’s post we’re going to review a sophisticated, multi-stage carding attack on a Magento eCommerce website. This malware leveraged a fake gif image file, local browser sessionStorage data, and tampered with the website traffic using a malicious reverse-proxy server to facilitate the theft of credit card data, login details, cookies, and other sensitive data from the compromised website. The client was experiencing some strange behaviour on their checkout page, including clients unable to input their card details normally, and orders not going through. Continue reading Fake GIF Leveraged in Multi-Stage Reverse-Proxy Card Skimming Attack at Sucuri Blog.