VERY IMPORTANT

In late 2017, Volexity began tracking a new e-commerce financial data theft framework named JS Sniffer. The framework gives attackers a quick and efficient way to steal data from compromised e-commerce websites. JS Sniffer is optimized to steal data from compromised websites running the Magento e-commerce platform. However, Volexity has observed the framework on e-commerce websites leveraging OpenCart, Dealer.com, Shopify, WordPress, and others as well. Volexity initially identified the framework following a highly targeted attack campaign against a website that facilitates online ticket sales for numerous events and venues.