Last week, security researchers at Sucuri discovered that hackers are exploiting a previously unknown vulnerability to steal payment data from ecommerce sites that use eBay’s Magento platform. About 200,000 websites using the Magento platform could be affected by card payment stealers being used in the wild. According to their findings, attackers are exploiting a vulnerability in eBay’s shop platform and are able to inject malicious code into the core Magento file. The exploit wipes trails clean by filtering out anything that looks like credit card data, and it masks user agents to avoid suspicion. Consequently, the attack tool may allow hackers to gain control of administrator access, allowing credit card and customer data theft.
Hackers have seen this opportunity within Magento in the past. Most e-commerce websites have checkout forms where customers enter their payment details, and Magento saves or sends this data to the payment gateway in order to complete a transaction. However, based on previous reports, there is a “very short period of time when Magento handles sensitive customer information in an unencrypted format”. Hence, despite encryption, attackers could take advantage of that small window of vulnerability.
We encourage owners and webmasters using the platform to make sure that they’re using the latest version and to keep tabs on the latest fixes. E-commerce sites are increasingly targeted by hackers, as they are considered a rich source of credit card information. As such, it is important for website owners to look into the security measures provided by the platform they're using. Additionally, we recommend using security software that can protect against Web-based attacks, and keeping it updated.
The incident is currently under investigation, and we are waiting for more updates on developments and possible fixes.