An automated campaign Magecart campaign against 2,000 Magento stores over the weekend compromised the private information of thousands of customers and may very well be the largest attack of its kind since 2015.
The hacks were typical Magecart attacks, but since many of the stores victimized had no prior history of security incidents, “this suggests that a new attack method was used to gain server (write) access to all these stores,” according to a blog post from Sansec researchers who discovered the hacks. The incidents are still under investigations but Sansec said, the campaign could be related to a recent Magento 1 zeroday exploit “that was put up for sale” weeks ago.
“Magento 1.0 sites remain an attractive target for hackers looking to steal logins, personal data and financial data. This version no longer receives software updates as of June 2020, leaving sites exposed to zero day vulnerabilities such as the one that was exploited in this attack,” said Ameet Naik, security evangelist at PerimeterX.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.