The malware, discovered by Jeroen Boersma and analyzed by Willem de Groot, steals user card information and starts execution whenever a user places a new order.
While this is not the first web malware that hides code in the website's database, this is the first one that is written in SQL, as a stored procedure, in this case, a Mangeto database trigger operation, according to Bleeping Computer.
Store owners are advised by security specialists to scan their shops via de Groot's two tools, MageReport and the Magento Malware Scanner, which have received updates to detect this new class of malware.
The Paypers. All rights reserved. No part of this site can be reproduced
without explicit permission of The Paypers(V2.3).