eurowebmonitortool[.]com is used in this malicious campaign and is currently blocklisted by 15 security vendors at VirusTotal.”
VirusTotal.com is a crowdsourced security service that provides free file scanning and acts as an aggregator of information.
Sucuri advises the following steps for cleaning an infected website:
“Remove any suspicious GTM tags. Log into GTM, identify, and delete any suspicious tags.
Perform a full website scan to detect any other malware or backdoors.
Remove any malicious scripts or backdoor files.
Ensure Magento and all extensions are up-to-date with security patches.
Regularly monitor site traffic and GTM for any unusual activity.”
Read the Sucuri advisory:
Google Tag Manager Skimmer Steals Credit Card Info From Magento Site
Featured Image by Shutterstock/sdx15