Sansec BV
@sans.ec
experts in eCommerce security - https://sansec.io
Thanks for pointing out our sampling bias, since the last graph we've stopped crawling some smaller stores but not Magento so we cannot give you an accurate distribution right now, only a relative malware activity graph for all platforms
June 6, 2025 at 7:23 AM
Thanks for pointing out our sampling bias, since the last graph we've stopped crawling some smaller stores but not Magento so we cannot give you an accurate distribution right now, only a relative malware activity graph for all platforms
Meanwhile, the attacker has upgraded their malware and rotated three exfil domains:
bootrow\.com
redtransfer\.net
imgweb\.net
PSA — This breach would have been prevented with Sansec Shield, our real-time malware protection layer.
bootrow\.com
redtransfer\.net
imgweb\.net
PSA — This breach would have been prevented with Sansec Shield, our real-time malware protection layer.
April 18, 2025 at 12:02 PM
Meanwhile, the attacker has upgraded their malware and rotated three exfil domains:
bootrow\.com
redtransfer\.net
imgweb\.net
PSA — This breach would have been prevented with Sansec Shield, our real-time malware protection layer.
bootrow\.com
redtransfer\.net
imgweb\.net
PSA — This breach would have been prevented with Sansec Shield, our real-time malware protection layer.
Sansec Shield
Advanced real-time protection for your Magento store
sansec.io
March 21, 2025 at 7:30 PM
The exfil domain "esaspaceshop[.]pics" that is used to steal data from ESA staff, was registered a month ago but only showed up on the ESA site today.
December 23, 2024 at 2:58 PM
The exfil domain "esaspaceshop[.]pics" that is used to steal data from ESA staff, was registered a month ago but only showed up on the ESA site today.