Monday, May 12, 2025

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms


Cybercriminals are using AI-powered phishing attacks, website cloning tools, and RCE exploits to target e-commerce platforms during the holiday season. These tools allow attackers to craft convincing phishing emails, replicate legitimate websites, and gain unauthorized access to systems.

Their objective is to steal sensitive information and financial data from unsuspecting shoppers by exploiting both vulnerabilities and user trust.

They are taking advantage of generative AI, specifically models like ChatGPT, to create highly convincing phishing emails designed to mimic legitimate communications from retailers and banks. 


These sophisticated attacks, often themed around holidays or seasonal sales, aim to deceive unsuspecting shoppers into divulging sensitive information such as credit card details.


The findings also highlight the increasing use of sniffing tools, which allow cybercriminals to intercept and steal data during online transactions, further amplifying the threat landscape for online shoppers.

Figure: Collection of threats to shopping websites

Cybercriminals are exploiting the holiday shopping season by registering thousands of fake domains mimicking popular e-commerce brands to lure unsuspecting consumers with fraudulent offers. 

They are targeting vulnerable e-commerce platforms like Adobe Commerce, Shopify, and WooCommerce, exploiting weak configurations and outdated plugins. 

Attackers are employing various techniques, including sniffers to steal sensitive customer data and Remote Code Execution (RCE) exploits to gain unauthorized administrative access to these platforms, posing significant risks to both businesses and consumers.

Figure: Fake J. Crew shopping site

The darknet has become a thriving marketplace for cybercrime tools and stolen data. FortiGuard Labs has noted an increase in the sale of compromised e-commerce databases, stolen gift cards, and credit card information. 

Phishing kits are being sold at prices ranging from $100 to $1,000, depending on their sophistication and customization options, which enable even less experienced attackers to launch advanced phishing attacks. 

Other tools, such as sniffing and brute-forcing software, are also available on the darknet, further lowering the barrier of entry for cybercriminals.

Figure: Trafficker recruitment ad

Businesses today face a myriad of cyber threats, where phishing attacks, data breaches, and financial fraud are common occurrences, often resulting from compromised admin panels, outdated software, and weak security practices. 

Malicious actors exploit these weaknesses to steal sensitive information, disrupt operations, and tarnish the reputation of the brand.

Shoppers should prioritize online security by verifying URLs, using secure payment methods, avoiding public Wi-Fi, enabling multi-factor authentication, and regularly monitoring financial statements. 

Businesses, for their part, must enhance their cybersecurity by updating platforms and plugins, conducting vulnerability scans, employing fraud detection tools, educating customers, monitoring domain registrations, and securing admin panels with strong passwords and restricted access.
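One way to act on the "monitoring domain registrations" advice is to screen a feed of newly registered domains for names that imitate a protected brand. The sketch below is an added example, not code from FortiGuard Labs or this article; the brand labels, lure terms, distance threshold, and sample feed are all constructed assumptions, and it assumes the feed lists registrable domains.

```python
import re

# Constructed inputs for illustration: brand labels to protect and seasonal lure words.
BRANDS = ["examplestore", "shopfable"]
LURE_TERMS = ("sale", "deals", "outlet", "discount", "blackfriday", "holiday", "gift")
# Digit-for-letter swaps often seen in lookalike names, mapped back to the letter.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
MAX_TYPO_DISTANCE = 2  # assumed threshold, suited to long brand labels

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain, official):
    """Return (brand, reason) if a newly registered domain imitates a brand."""
    domain = domain.lower().rstrip(".")
    if domain in official:
        return None  # the brand's own domain is never flagged
    label = domain.split(".")[0]  # assumes the feed lists registrable domains
    raw = re.sub(r"[-_]", "", label)
    squashed = raw.translate(HOMOGLYPHS)
    tokens = [t.translate(HOMOGLYPHS) for t in re.split(r"[-_]", label) if t]
    for brand in BRANDS:
        if brand in squashed:
            if brand not in raw:
                return brand, "homoglyph"  # brand appears only after undoing swaps
            rest = squashed.replace(brand, "", 1)
            if any(term in rest for term in LURE_TERMS):
                return brand, "brand+lure"
            return brand, "brand-embedded"
        if any(0 < edit_distance(t, brand) <= MAX_TYPO_DISTANCE for t in tokens):
            return brand, "typosquat"
    return None

def scan(feed, official):
    """Map each suspicious domain in the feed to its (brand, reason) verdict."""
    return {d: v for d in feed if (v := classify(d, official))}

# Constructed sample feed; .example and .test are reserved names.
FEED = ["examplestore-blackfriday.example", "examp1estore.example",
        "exampelstore-deals.example", "examplestore.test", "gardening-tips.example"]
if __name__ == "__main__":
    for name, verdict in scan(FEED, {"examplestore.example"}).items():
        print(name, verdict)
```

Hits from a screen like this are leads for review and takedown requests, not verdicts; a short brand label needs a tighter distance threshold to avoid false positives.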


Varshini
Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.
