Magento is one of the most popular e-commerce platforms. But researchers found that is highly vulnerable to cyber attacks.
Foregenix, a global cybersecurity firm based in Johannesburg has performed security scans and analysis on 842 African websites that use Magento and revealed that 88% websites are at high risk. The root cause of vulnerabilities is user error in Magento e-commerce websites. This was reported by Jon Tullett, Research Manager at IDC.
Research outcome
- Researchers analyzed over 170,000 websites and discovered that 2,548 websites (1.5 percent) were infected with malware. Out of these 2,548 infected sites, 1591 sites were compromised by debit/credit card stealing malware.
- Another 2.3 percent of all sites were found vulnerable to Magento Shoplift, for which patches were made available in January 2015. This vulnerability allows hackers to hijack websites, steal sensitive information, and even order items free of charge via a single exploit command, which is publicly available.
- In 2015, it was reported that outdated or unpatched Magento e-commerce sites were vulnerable to a cross-site scripting attack, which allows hackers to perform online skimming to steal credit card information.
- DefenseCode, a security company, reported in 2017 that Magento CE web stores were vulnerable to remote code execution attacks, which allowed hackers to perform online skimming to steal credit card information and take control of the database.
The root cause of Magneto flaws
Jon Tullett said that “user error is the root cause of vulnerabilities in Magento e-commerce sites. Magento releases regular software updates and patches in response to vulnerabilities, which if not used periodically, can leave the websites highly vulnerable to data breaches. Therefore, site operators must take the responsibility to patch the software periodically and keep systems up-to-date”.
Graham Cook, Director of BDO IT Advisory Services, said: “a new Magneto malware was recently discovered that is capable of making system modifications to harvest payment card details and other sensitive information from users as well as the website”.
Cook added that the malware has the capability to automatically alert hackers when new files are created, allowing them to steal more payment card details from the targeted compromised site.
