More than 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers
An influx of cyberattacks against retailers running the Magento 1.x web based business stage before this September has been ascribed to one single gathering, as indicated by the most recent exploration.
“This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of websites at once through supply chain attacks, such as the Adverline incident, or through the use of exploits such as in the September Magento 1 compromises,” RiskIQ said in an analysis published today.
Collectively named Cardbleed, the attacks targeted at least 2,806 online storefronts running Magento 1.x, which reached end-of-life as of June 30, 2020.
Injecting e-skimmers on shopping websites to steal credit card details is a tried-and-tested modus operandi of Magecart, a consortium of different hacker groups who target online shopping cart systems.
These virtual credit card skimmers, also known as formjacking attacks, are typically JavaScript code that the operators stealthily insert into an e-commerce website, often on payment pages, with an intent to capture customers’ card details in real-time and transmit it to a remote attacker-controlled server.
If you have Magento version 1.x, you need to upgrade to version 2 to keep your Magento store safe.
Comments
Post a Comment