New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers

From thehackernews.com

E-commerce platforms in the U.S., Germany, and France have come under attack from a new form of malware that targets Nginx servers in an attempt to masquerade its presence and slip past detection by security solutions.

“This novel code injects itself into a host Nginx application and is nearly invisible,” Sansec Threat Research team said in a new report. “The parasite is used to steal data from eCommerce servers, also known as ‘server-side Magecart.'”

Read more…