Thousands of ecommerce sites at risk after popular CMS targeted by malware attack — here's what you need to know

• OpenCart websites were silently injected with malware that mimics trusted tracking scripts
• Script hides in analytics tags and quietly swaps real payment forms for fake ones
• Obfuscated JavaScript allowed attackers to slip past detection and launch credential theft in real time

A new Magecart-style attack has raised concerns across the cybersecurity landscape, targeting ecommerce websites which rely on the OpenCart CMS.

The attackers injected malicious JavaScript into landing pages, cleverly hiding their payload among legitimate analytics and marketing tags such as Facebook Pixel, Meta Pixel, and Google Tag Manager.

Exepers from c/side, a cybersecurity firm that monitors third-party scripts and web assets to detect and prevent client-side attacks, says the injected code resembles a standard tag snippet, but its behavior tells a different story.