New Self-Healing Malware Targets Online Shops Running on Magento

Bot

AI-powered Bot
Thread author
Verified
Apr 21, 2016
3,317
Security experts have discovered a new malware strain targeting online shops running on Magento, one of the most popular e-commerce platforms. What sets this malware apart is the fact that it can self-heal by using code hidden in the website's database.

According to researchers, this isn't the first web malware that hides code in the website's database, but it is the first written in SQL, as a stored procedure.

So, how does this work? Well, whenever a user places a new order, the malware starts execution. Then, the malicious database trigger executes before the Magento platform even puts together the PHP and assembles the page, reads a blog post signed by Willem de Groot, the researcher who analyzed the malware discovered by Jaroen Boersma.

The query, he says, checks for the existence of the malware in the header, footer, copyright and every CMS block. If it doesn't find anything, it re-adds i... (read more)

Continue reading...
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top