Nearly 40% of Magento 2 websites are being targeted by a deluge of TrojanOrders attacks conducted by at least seven hacking groups, BleepingComputer reports.
TrojanOrders attacks involve exploitation of the critical Magento flaw, tracked as CVE-2022-24086, to facilitate code execution and remote access trojan injections, according to a report from Sansec.
Even though Adobe issued fixes for the flaw in February, at least a third of Adobe Commerce and Magento stores remain vulnerable, the report showed. Sansec researchers attributed the mounting TrojanOrders attacks to the prevalence of vulnerable Magento 2 sites, as well as the prolonged and widespread availability of proof-of-concept exploits, which now cost as little as $2,500, compared with $20,000 to $30,000 early this year. Increased web traffic brought by the holiday season has also contributed to the onslaught of attacks, researchers added.
Immediate patching of the flaw and the use of a backend malware scanner have been urged to avert TrojanOrders attacks.
Threat actors have increasingly added the novel Go-based information stealer Aurora to their arsenals, with at least seven active cybercrime groups leveraging the malware either exclusively or alongside the info-stealers Raccoon and Redline, BleepingComputer reports.