FBI warns Users about exploiting
a three-year-old vulnerability in Magento plugin, MAGMI (Magento Mass Import), which
allows to steal victim’s banking details.
The vulnerability is a cross-site
scripting (XSS) bug that allows hackers to inject malicious code in online
store’s HTML code.
FBI said that cybercriminals are
exploiting this bug to steal Magento online store’s credentials to take control
over attacked sites. When access is gained, they start modifying PHP and JS
files to get payment details when victims buy products.
According to the FBI, payment
data is recorded from user transactions, encoded in the Base64 format, hidden inside
the bits of a JPEG file and sent to the hackers' server (89.32.251.136).
The FBI flash
alert provides
indicators of compromise (IOCs) that Magento operators can deploy inside their
web application firewalls (WAFs) to prevent attacks against their sites.
Updating only a plugin will not help a lot, it’s
better to update entire online store to the version 2.x.
No comments:
Post a Comment