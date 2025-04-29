Data Security, Phishing, Privacy

WooCommerce users subjected to widespread fake security phishing campaign

Privacy concept: computer keyboard with Key icon and word Phishing on enter button background, 3d render

(Adobe Stock)

Popular e-commerce platform WooCommerce had its users targeted with malware spread via bogus security alerts as part of a far-reaching phishing campaign, Security Affairs reports. Attacks commence with the delivery of malicious emails warning about a critical "unauthenticated administrative access" WooCommerce vulnerability with a download link that redirected to a fake WooCommerce Marketplace page, according to a Patchstack analysis. Execution of the fraudulent patch from woocommrce[.]com led to the subsequent use of WordPress hooks and creation of concealed administrators for stealth, as well as the deployment of numerous obfuscated PHP web shells that allowed total server compromise for ad injections, billing data theft, and ransomware and distributed denial-of-service intrusions. "As this phishing campaign is discovered and the community is made aware, it is likely for some or all of these indicators to change. New versions of this campaign are likely to appear as domains get flagged by hosts, registrars and security services." said the report.

Related

Data breach disclosed by UrbanOne following Cactus ransomware claims

Urban One, a U.S. media conglomerate focused on the African American community, has disclosed having its employees' personal data and other corporate information exfiltrated in a "sophisticated social engineering campaign" in February, which was claimed by the Cactus ransomware operation last month, reports The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Basic AuthenticationBiometricsBlock CipherCipherCryptographic Algorithm or HashCyclic Redundancy Check (CRC)Data Loss Prevention (DLP)Data WarehousingDiffie-HellmanDigital Certificate

You can skip this ad in 5 seconds