A new malware called ‘disgrasya’ has been downloaded more than 34,000 times from the PyPI platform, using WooCommerce shops to validate stolen credit cards.
- The malicious ‘disgrasya’ package was used to verify stolen credit cards.
- The tool targeted WooCommerce shops using the CyberSource payment gateway.
- The package has been removed from PyPI, but the number of downloads indicates a large scale of abuse.
- Malicious features were introduced in version 7.36.9 to avoid detection.
- The package emulated shopping by stealing data from legitimate websites.
A malicious ‘disgrasya’ package was recently discovered using WooCommerce shops to validate stolen credit cards.
The tool, which worked by emulating purchases, collected data from products and stole security tokens.
The malware was able to automatically verify a large number of stolen cards, posing a serious threat to financial security.
If you are looking for secure e-commerce solutions, check out our offer on online shops.
They trusted us
