Security researchers say they've identified at least 1,000 Magento sites that have been hacked by cybercriminals and infected with malicious scripts that steal payment card details or are used as staging points in the delivery of other malware.
"The Magento sites are being compromised through brute-force attacks using common and known default Magento credentials," Flashpoint researchers say.
"Brute-force attacks such as these are simplified when admins fail to change the credentials upon installation of the platform," researchers add. "Attackers, meanwhile, can build simple automated scripts loaded with known credentials to facilitate access of the panels."
Hacked sites used for cryptojacking, card scraping, more
Once attackers gain access to these sites, researchers say they've observed three main patterns of malicious activity.
The most common practice is to insert malicious code into Magento core files, code that logs payment card information entered during the checkout process. Such malware is called a card scraper, and users should expect to find one on any e-commerce store that looks to have missed a few updates.
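A defender's check for the core-file tampering described above, as an added example that is not part of the original article: it hashes a pristine copy of a release and the deployed tree, then reports files that were modified, added or removed. The directory layout and file names are constructed for the demo and are not Magento's actual paths.

```python
import hashlib
import tempfile
from pathlib import Path


def hash_tree(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def compare_trees(clean_root, deployed_root):
    """Return files that differ between a pristine release and the live install."""
    clean, live = hash_tree(clean_root), hash_tree(deployed_root)
    return {
        "modified": sorted(p for p in clean if p in live and clean[p] != live[p]),
        "added": sorted(p for p in live if p not in clean),
        "missing": sorted(p for p in clean if p not in live),
    }


def build_demo(base):
    """Constructed sample trees; file names and contents are invented for the demo."""
    clean, live = Path(base, "clean"), Path(base, "live")
    for root in (clean, live):
        for rel in ("app/Checkout.php", "app/Payment.php", "lib/Util.php"):
            target = root / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(f"<?php // {rel}\n")
    # Simulate tampering: one file changed, one unknown file added, one removed.
    (live / "app/Payment.php").write_text("<?php // app/Payment.php\n// extra code\n")
    (live / "lib/cache.php").write_text("<?php // not in the release\n")
    (live / "lib/Util.php").unlink()
    return clean, live


def run_demo():
    with tempfile.TemporaryDirectory() as base:
        return compare_trees(*build_demo(base))


if __name__ == "__main__":
    print(run_demo())
```

In practice the clean tree would be an unpacked copy of the exact release the store runs, kept on a separate host so that an attacker with panel access cannot alter the baseline.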
.....
.....