<p>Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files:</p><p>Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files:</p>
These are common files for attackers to target as they operate throughout Magento sites, but these instances were special as they had a very peculiar reinfection rate.
Malicious Scripts Loaded Through .bashrc
Upon closer inspection, we came across this snippet in the site owner’s .bashrc file.
Continue reading Shell Logins as a Magento Reinfection Vector at Sucuri Blog.