<p>A few months ago, we reported on how cybercriminals were using GitHub to load a variety of cryptominers on hacked websites. We have now discovered that this same approach is being used to push binary “info stealing” malware to Windows computers.</p>
Infected Magento Sites
Recently, we identified hundreds of infected Magento sites with the following injected script:
The contents of the js.js file included:
This code creates a hidden div and after a short delay displays a fake Flash Player update banner above the normal site content.