E-commerce malware detection firm Sansec is tracking a surge in cyberattacks targeting Magento stores.
At least seven Magecart groups are injecting TrojanOrders at approximately 38% of Magento and Adobe Commerce websites in November. The trend in recent weeks paints a grim picture for ecommerce DevOps teams worldwide for the coming weeks. There is a big increase of active scanning for the file that contains the backdoor (health_check.php). This is a sign of attacker groups are trying to take over infected sites from other groups.
November is on track to see more Magento 2 template attack probes than the previous ten months combined. There is a big uptick in attacks using the mail template vulnerability in Magento 2 from February 2022 (CVE-2022-24086). Sansec estimates that at least a third of all Magento and Adobe Commerce stores have not been patched so far.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
