Summary: Threat actors are exploiting Google Tag Manager (GTM) to implement credit card skimmer malware on Magento-based e-commerce sites. The malicious code, disguised within a typical GTM setup, allows attackers to harvest sensitive customer data during checkout. Three sites are currently confirmed to be infected with this malware, which has seen a reduction from an earlier report of six infections.
Affected: Magento-based e-commerce websites
Keypoints :
- Malware disguised as GTM and Google Analytics scripts to gain persistent access.
- Three infected websites identified with the GTM identifier GTM-MLHK2N68.
- The malware collects credit card information during the checkout process and transmits it to a remote server.
- Historical instances of GTM being utilized for malicious activities, including malvertising in 2018.
Source: https://thehackernews.com/2025/02/hackers-exploit-google-tag-manager-to.html
Views: 8