Magento online stores hacked in the most massive automated hacking campaign where almost 2,000 stores were compromised to steal credit cards.
Magento online stores hacked in the most massive automated hacking campaign where almost 2,000 stores were compromised to steal credit cards.
Magento
Adobe Magento is a popular eCommerce platform that allows web sites to quickly create an online store to sell their products and accept credit cards.
Security experts from Sansec, a Dutch Cybersecurity firm specialised in tracking Magecart attacks, reported that around 2,000 Magento online stores were hacked during the past few days as part of the largest ever Magecart-style campaign. Researchers from Sansec claim this to be the largest automated campaign they have observed to date since 2015.
The attack started on Friday when ten stores were infected with credit card skimming scripts not previously seen in other attacks.
“On Friday, ten stores got infected, then 1,058 on Saturday, 603on Sunday and 233 today,” said Willem de Groot, founder of Sanguine Security (Sansec).
Most of the compromised stores were running version 1.x of the online store software. This is currently not receiving any security updates as the version reached end-of-life (EOL) on June 30, 2020.
The threat actors planted a software skimmer on the hacked websites that were designed to steal payment data entered by users on the checkout page.
“Official PCI requirements are to use a malware and vulnerability scanner on the server, such as Sansec’s eComscan. Sansec also recommends subscribing to alternative Magento 1 patch support, such as provided by Mage One.”
For compromised Magento version 1 sites, the malicious script was added to the prototype.js file. For Magento 2 sites, it was added to a jquery.js file hidden in the code.
The previous record was 962 hacked Magento stores in a single day that occurred in July last year.
Sansec reported that tens of thousands of customers had their private information stolen over the weekend via one of the compromised stores.
Sansec continues to investigate the attacks to determine how sites were hacked and advises all users to upgrade to Magento 2 for better protection.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?