Self-Healing Malware a Concern for E-Commerce Merchants

Malware is not new. First identified in 1982, these malicious software programs are designed to infect and perform unwanted actions  

Skip to main content
Main Content

Self-Healing Malware a Concern for E-Commerce Merchants

Jun 22, 2017

Self-Healing Malware a Concern for E-Commerce Merchants

Malware is not new. First identified in 1982, these malicious software programs are designed to infect and perform unwanted actions on a computer system. This includes deleting important files and stealing critical data like credit card numbers and personal information.

But now security experts are warning about a new permutation — a self-healing form of malware — that targets websites running on one of the most popular e-commerce platforms. The malware modifies the database to inject a file that automatically re-infects the website following its discovery and removal.

Visa® has alerted merchants to this new malware technique that has turned up on Magento, noting that cybercriminals have already used it successfully to compromise payment card data. "By targeting the database, rather than the specific eCommerce application, the malware is resilient to normal removal attempts," Visa says in its warning. It adds that the usual scan for malicious code in the HTML files will not detect this version of malware. A more in depth analysis of the database is necessary to detect and eliminate it.

Visa outlines several steps that e-merchants can take to mitigate the self-healing malware’s impact on their websites. They include:

  • Regularly-scheduled scans of the webserver for malware to identify security vulnerabilities;
  • Check for database triggers on the website and their removal;
  • Use of a Payment Card Industry Data Security Standard (PCI DSS) validated third-party service provider to store, process or transmit cardholder data and reduce risk exposure for card-not-present (CNP) fraud.

The Visa publication "What To Do If Compromised" outlines the steps to take if your payment system is compromised by malware or any other form of data breach.

TSYS® is included on Visa's Global Registry of Service Providers list. We provide merchant solutions you can trust, including secure payment gateway and online credit card processing. Our emphasis on security and fraud prevention is based on the latest technology to protect your data and your business reputation. Talk to a TSYS representative today to get started.

All trademarks contained herein are the sole and exclusive property of their respective owners. Any such use of those marks without the express written permission of their owner is prohibited. TSYS Merchant SolutionsSM is a registered ISO/MSP of Wells Fargo Bank, N.A., Walnut Creek, CA; Synovus Bank, Columbus, GA, and First National Bank of Omaha, Omaha, NE. TSYS Business SolutionsSM is a registered ISO/MSP of Wells Fargo Bank, N.A., Walnut Creek, CA; Synovus Bank, Columbus, GA; and Deutsche Bank, New York, NY for Visa and Mastercard transactions only.