Republic of the Philippines

Camarines Sur Polytechnic Colleges

Nabua, Camarines Sur
ISO 9001:2015

Name: Bernardo Podawan

Course/Section: BSIT2B
Subject: E-commerce
Instructor: Mae Tagum

ACTIVITY 8

A new credit card stealing hacking campaign is doing things differently than
we have seen in the past by hiding their malicious code inside the
'Authorize.net' payment gateway module for WooCommcerce, allowing the
breach to evade detection by security scans.

Historically, when threat actors breach a commerce site like Magenta or

WordPress running WooCommerce, they inject malicious JavaScript into the
HTML of the store or customer checkout pages. 

These scripts will then steal inputted customer information on checkout, such
as credit card numbers, expiration dates, CVV numbers, addresses, phone
numbers, and email addresses.

However, many online merchants now work with security software companies
that scan the HTML of public-facing eCommerce sites to find malicious
scripts, making it harder for threat actors to stay hidden.

To evade detection, the threat actors are now injecting malicious scripts
directly into the site's payment gateway modules used to process credit card
payments on checkout.
 Republic of the Philippines
Camarines Sur Polytechnic Colleges
Nabua, Camarines Sur
ISO 9001:2015

As these extensions are usually only called after a user submits their credit
card details and checks out at the store, it may be harder to detect by
cybersecurity solutions.

The campaign was discovered by website security experts at Sucuri after being
called in to investigate an unusual infection on one of their client's systems.

Reference: https://www.bleepingcomputer.com/news/security/hackers-inject-credit-card-
stealers-into-payment-processing-modules/

3. An example of the application or usage of the different electronic payment systems here in
the Philippines such as the:

Online Banking
Mobile Banking
E-wallets
Credit Cards

Online Banking: Jane works as a busy professional who must pay numerous debts. She pays
her rent, utilities, and credit card bills through internet banking. She gets into her online banking
account and makes sure that all of her invoices are set up for automatic payments. Her
payments will be paid on time and she will save time by doing this.

Mobile Banking: Lee is a businessman who travels extensively for work. He checks his
account balances, transfers money, and pays bills while on the go using his mobile banking
app. In order to avoid going to the bank, he also deposits checks using his mobile banking app.

E-wallets: College student Mae does not possess a credit card. She makes online purchases
like her textbooks and school supplies using an e-wallet. She doesn't have to worry about
overspending because she can readily load her e-wallet with money from her bank account.

Credit Cards: Jack has to reserve a hotel room because he is organizing a family trip. He
makes the reservation online using his credit card. By using his credit card, he accumulates
reward points that he can use to offset future expenditures.