Home Hacking News MagentoCore Malware Has Infected Thousands Of E-Commerce Websites

MagentoCore Malware Has Infected Thousands Of E-Commerce Websites

by Harikrishna Mekala

When e-commerce websites that are using Magento software have been analyzed it has been revealed that there is a dangerous payment skimming malware that has been stealing thousands from the users. The infection was found by a Dutch security blogger and researcher Willem de Groot.

How many online stores are affected?

The malware was named MagentoCore and has been affecting the e-commerce sites that are using Magento. The skimmer was installed in more than 7,339 online stores in the last six months and has been affecting more than 50 new websites a day.

“The victim list contains multi-million dollar, publicly exchanged companies, which suggests the malware operators make a handsome profit. But the real sufferers are eventually the customers, who have their card and identity stolen,” de Groot said.

How does the malware work?

The malware usually uses the brute-force attack where it tries to guess the password of the Magento Admin panel for months and once the access is gained by the software will inject a malicious piece of code to the HTML and from them all the keystrokes from the customers on the website are recorded and the data is sent back to the hacker’s main server. This data consists of usernames, passwords, credit card information and personal details.

There is also a recovery mechanism which deleted the code when it has run. Groot has analyzed more than 220,000 websites and 4,2% of them were already leaking user data.

On his blog, de Groot suggests any business that finds itself affected to follow some key steps, including finding how the malware got into the operation in the first place and closing all points of entrance immediately.

“Analyse backend access logs, correlate with staff IPs and typical working hours. If suspicious activity is recorded from staff IPs, it could be that a staff computer is infected with malware, or that the attacker has hijacked an authorised session,” de Groot said.

Safety and security is an important factor in managing an e-commerce store. Likewise, knowledge and training before opening one is vital. Check this e-commerce course review to help you get the best training: Franklin Hatchett review.

You may also like