Cybercriminals likely poised to attack as Adobe ends support for Magento 1

After publishing a final security update for Magento 1 last week, Adobe is ending support for its popular 12-year-old ecommerce platform.

“If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site's security and PCI DSS compliance,” Adobe said in a blog post. “Beyond the EOS [end of support] date, Adobe will not be responding to any further security issues for Magento 1.”

Noting that “cybercriminals have routinely targeted Magento sites as part of Magecart attacks, where they inject malicious code into the sites in order to steal payment card information from victims’ customers,” Tenable Staff Research Engineer Satnam Narang said “attackers are likely chomping at the bit to exploit any undisclosed vulnerabilities in Magento 1.

Adobe gave site owners enough time to make the transition, he said, stressing that “it is imperative that Magento site owners upgrade to Magento 2 for continued security updates or transition to another eCommerce solution that is still supported."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.