123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

Security Experts Identify New Malware Targeting Users Of E-commerce Websites

Profile Picture
By Author: eccuni
Total Articles: 211
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

Cybercriminals use different techniques to compromise computers and steal confidential information. Recently, security researchers at Trend Micro identified a new malware that targets users of e-commerce websites. Cybercriminals first compromise websites by inserting an iframe. When users visit the compromised sites, some of the URLs on these sites cause several redirections, which ultimately result in exploitation of several vulnerabilities. Attackers exploit vulnerabilities associated with RDS.Dataspace, Java Deployment Toolkit, Adobe Reader and Java Runtime environment. Exploitation of the vulnerabilities allow attackers to either cause denial of service, execute arbitrary code or affect availability, confidentiality and integrity and redirect users to another web address, which downloads a malware detected as TROJ_JORIC.BRU. Once downloaded on the computer systems, the malware attempts to capture login credentials, credit card details and other confidential information and send them to a remote website. After gaining access to the required information, the malware deletes itself to avoid detection. Cybercriminals may use ...
... extracted information to gain unauthorized access to online shopping and banking accounts, conduct unauthorized transactions or even create fake accounts by using the identity of the victims. They may also use the accessed credit card details to develop counterfeit credit cards. Attackers also sell the stolen data to their peers in the underground cybercrime market.

According to the security firm, the attack has affected over 90,000 web pages, which use osCommerce solutions. While users face the risk of compromising sensitive personal and financial data, business face the risk of disruption in business operations resulting in financial loss or loss of productive business hours. Security professionals must update their technical skills and expertise through distance learning and online university degree programs to tackle the sophisticated attacks emanating in the IT environment.

Organizations must regularly scrutinize their websites to detect iframe, SQL injection and other web-based vulnerabilities. Professionals qualified in penetration testing, secured programming and computer science degree programs may help organizations in timely assessment of security threats, detection and mitigation of vulnerabilities before their exploitation by cybercriminals. They must have proper patch management policy in place to track and implement requisite security updates.

Internet users must regularly scan their computer systems with updated security software to detect, block and remove Trojans and viruses. They must update their computer software and adhere to the guidance and advisories provided by developers, Internet security firms and computer emergency response teams. Internet users may benefit from online degree and learning programs to acquaint themselves of security threats and improve online computing practices.

Total Views: 276Word Count: 409See All articles From Author

Add Comment

Computers Articles

1. 00al556 Ibm 550-watts Platinum Power Supply For X3650 M4: Reliable And Energy-efficient Power For Enterprise Servers
Author: Server Tech Central

2. Iot Identity And Access Management (iam) Market : Driving Secure Innovation In Connected Ecosystems
Author: Umangp

3. Why Should You Plan Blinkit Onboarding Before Market Expansion And How Can Zane Marketing Help You Grow Faster
Author: Zane Marketing

4. Customer Identity And Access Management (ciam) Market : Strengthening Security And Customer Trust
Author: Umangp

5. How To Start Your Website Redesign Project?
Author: brainbell10

6. Sap Compliance In Manufacturing: Closing The Gaps Grc Leaves Behind
Author: Mansoor Alam

7. Speech Analytics Market : Unlocking Actionable Insights From Customer Conversations
Author: Umangp

8. Data Preparation Tools Market: How Ai And Cloud-based Solutions Are Transforming Modern Data Workflows
Author: Umangp

9. How To Setup And Create Instagram Ads?
Author: brainbell10

10. Why Digital Business Cards Are The Future Of Professional Networking
Author: WhyTap

11. End To End Sataware Product Development Is The Process Of Identifying Market Opportunities To Hire Flutter Developer, Connecting User Needs And Requir
Author: brainbell10

12. Dynamics Nav To Business Central Upgrade Guide
Author: brainbell10

13. Data Governance Framework: Building Trust In The Digital Age
Author: Umangp

14. A Complete Guide To Dynamics 365 Warehouse Management
Author: brainbell10

15. Conversational Ai In Intelligent Contact Centers: Market Outlook And Future Growth To 2028
Author: Umangp

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: