Online businesses under threat from fake Magento plug-ins

Foregenix, an independent and specialist information security business, are alerting all ecommerce businesses to a new data compromise that has been identified, specifically targeting those running on the Magento platform.

Through the specialist forensic investigation work by the Foregenix team, a relatively new data compromise, specific to Magento-based websites, has been identified. The system compromises do not highlight weaknesses or vulnerabilities in the Magento solution itself, but relate to Magento users unintentionally installing compromised or fake extensions to the Magento framework, which can then leave businesses open to attack.

These malicious modules permit remote, unauthorised users to access the impacted site and make system modifications to harvest payment card details, as well as other confidential information belonging to both customers and the compromised websites.

The Foregenix team has identified multiple versions of the rogue modules in recent forensic investigations and as such, is issuing an advisory to all Magento-based merchants to check for indications of the malicious modules.

Director of Foregenix, Andrew Bontoft, said, "As one of the most popular ecommerce platforms, Magento is an obvious target for attackers. Magento users should maintain vigilance when selecting and installing modules to their site; specifically, making sure that they are deploying code from legitimate and trusted sources."

Foregenix is advising that esellers may be at risk and in response have set up a website providing a free scan to check whether their websites have been affected by any of the identified rogue modules (www.foregenix-magento-scan.com). In addition, Foregenix offers useful advice on how to remove the malicious modules.

Commenting on the latest compromise, Benjamin Hosack, Director of Foregenix said, "This highlights the increasing threat of cybercrime for businesses in the UK and across the globe. Hackers are increasingly finding ways to find flaws in online platforms, payment portals and data gateways, so businesses need to be aware of the threat and put in place solutions to protect themselves and their customers."

Benjamin Hosack went on to comment, "Cybercriminals are becoming even more targeted and increasingly sophisticated in their method of attacks. We see first-hand how they can implement a malicious malware or form of data compromise without being detected. Online businesses have been a primary target recently, so we want to highlight the dangers as well as educate businesses out there on how to defend themselves."

The solutions to prevent the latest compromise are out there, but often online businesses do not have the in-house expertise to implement them.

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter