- Magento is an open-source e-commerce software that empowers and assists thousands of retailers and brands in building their online platforms.
- However, Magento-based sites are easily exploited by attackers to steal troves of payment card details from customers.
In the past few months, Magento-based e-commerce sites have become a favorite target for attackers. Attackers are easily exploiting these sites to steal troves of payment card details from customers, which they later sell on the dark web or use for fraudulent purchases.
What is Magento - Magento is an open-source e-commerce software that empowers and assists thousands of retailers and brands in building their online platforms. Because of its simple features, the software is widely used by e-commerce website developers. However, as every good thing comes with a flaw, the Magento platform has been found to be vulnerable to various attacks, especially formjacking.
How vulnerable are Magento websites - A recent security web scan and analysis of 842 African websites that use Magento revealed that 88% of these sites are at high or critical risk of attack. A global analysis showed that 1.5% of the sites that run Magento (2,548) are infected with malware. The malware is used to harvest customer credit/debit card information.
In another report, cybersecurity experts Foregenix revealed that almost 80% of European Magento websites are prone to cyber attacks. Most of the websites using Magento 1 (90%) have been found to be at high risk.
How the websites are exploited - In most of the attacks, cybercriminals exploit the known vulnerabilities in the Magento platform to gain access to online sites. These flaws have resulted in the compromise of thousands of websites in the past months.
In some cases, threat actors use insecure third-party extensions to carry out Magento hacks. Once these extensions are installed, they enable the attackers to deploy further malicious extensions and continue the attack.
E-commerce sites running Magento can also be exploited to plant malware such as CartThief, which in turn steals customers' payment card information.
Lately, cybercrooks have come up with a new way of compromising these sites: brute-force attacks using common and known Magento credentials. This has resulted in the compromise of at least 1000 Magento admin panels located in the US and Europe.
How to stay safe - A significant reason for the majority of the attacks on Magento sites is the absence of critical security patches. Hence, it is recommended to keep all the software and add-ins up to date. It is also important to install and use specialized online cybersecurity monitoring tools that are capable of detecting Magento vulnerabilities. Also, using stronger passwords with multi-factor authentication protects both user accounts and admin panels against credential theft.
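The admin-panel brute forcing described above leaves a trail in ordinary web-server logs. The following is an added example, not code from the article or from the Magento project: it counts POSTs to the admin login path per source IP inside a sliding time window and flags the ones that cross a threshold. It assumes the default admin URL (/admin or /index.php/admin), the Apache/Nginx combined log format, and constructed sample log lines.

```python
# Added example (not from the article): flag brute-force attempts on a Magento
# admin login from an access log. Assumed, not stated on the page: default admin
# paths (/admin, /index.php/admin), POST logins, Apache/Nginx combined format.
import re
from collections import defaultdict
from datetime import datetime, timedelta
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')
ADMIN_PATHS = ("/admin", "/index.php/admin")  # assumed default admin URLs
# Constructed sample: 203.0.113.7 hammers the login form, 198.51.100.22 is a
# legitimate admin, 192.0.2.9 is a shopper adding an item to the cart.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2018:13:55:01 +0000] "POST /admin HTTP/1.1" 200 3120
203.0.113.7 - - [10/Oct/2018:13:55:02 +0000] "POST /admin HTTP/1.1" 200 3120
203.0.113.7 - - [10/Oct/2018:13:55:03 +0000] "POST /admin HTTP/1.1" 200 3120
203.0.113.7 - - [10/Oct/2018:13:55:04 +0000] "POST /admin HTTP/1.1" 200 3120
203.0.113.7 - - [10/Oct/2018:13:55:05 +0000] "POST /admin/ HTTP/1.1" 200 3120
198.51.100.22 - - [10/Oct/2018:13:56:05 +0000] "POST /index.php/admin/ HTTP/1.1" 302 0
192.0.2.9 - - [10/Oct/2018:13:57:00 +0000] "POST /checkout/cart/add/ HTTP/1.1" 302 0
"""
def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("method"), m.group("path")

def is_admin_login_post(method, path):
    # Failed Magento logins are not reliably non-200, so count every admin POST.
    path = path.split("?", 1)[0].rstrip("/")
    return method == "POST" and any(path == p or path.startswith(p + "/") for p in ADMIN_PATHS)

def find_bruteforce(log_text, threshold=5, window=timedelta(minutes=1)):
    """Map each IP with >= threshold admin POSTs inside any `window` to its total admin POSTs."""
    attempts = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and is_admin_login_post(parsed[2], parsed[3]):
            attempts[parsed[0]].append(parsed[1])
    flagged = {}
    for ip, times in attempts.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window start forward
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = len(times)
                break
    return flagged
```

Running `find_bruteforce(SAMPLE_LOG)` on the constructed log flags only 203.0.113.7; the single legitimate admin login and the shopper's cart POST stay below the threshold or never touch the admin path.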