Around 7,000 online shopping stores running on the open-source Magento e-commerce software platform is reported to have been hit by a malware campaign. A Dutch security researcher named William De Groot discovered the incident and reported to the world early this month.
According to Groot, a malware campaign run by hackers from the west has reportedly hit over 7339 e-shops since Feb this year. And over 1500 of them from the reported sum were infected by the malware from Oct last year.
The modus operandi of such groups is simple- place online payments skimming malware called Magento core onto a shopping website and then gain illicit access to the control panel of the e-commerce website via brute force techniques to embed a JavaScript into the HTML template.
After all, is set, the malware records all keystrokes and sends everything in real-time to the MagentoCore.net server, registered in Moscow, Russia.
Furthermore, the malware is also found changing the passwords of common staff usernames and inserts a backdoor to remove competing malware.
Groot says that the cyber crooks have succeeded in infecting 60-70 stores per day from the past two weeks and the infection rate can surge up anytime.
Administrators using Magento are requested to check their backend logs and close all means of unauthorized access at the same time.
Note- Magento is an open source PHP technology platform where e-commerce store managers are allowed to link in their websites to make their shopping cart systems flexible to add content, functionality and look to their online stores.