Magento takes security seriously and asks its users to do the same.
Powering thousands of ecommerce stores, Magento has always been a tasty morsel for online criminals, and now they have a real opportunity to tear off a piece of this pie.
|IMPORTANT Implementing the latest security patches has become far more urgent since exploits for the Magento Shoplift vulnerability (SUPEE-5344) have been detected in the wild.|
Remote Code Execution Vulnerability
This remote code execution (RCE) vulnerability was found by Check Point and reported to Magento on January 14, 2015. Affecting both Magento Community and Enterprise editions, the vulnerability allows criminals to compromise any Magento-based web store and obtain complete control over the store and its sensitive data, including customers' personal information.
On February 9, 2015 Magento released the SUPEE-5344 security patch and asked store owners to download and implement it first in a test environment and then on live sites.
But by the time of the public disclosure (April 20, 2015), the overwhelming majority of Magento sites had not yet implemented the security patch and remained vulnerable to attack.
According to Sucuri, less than 24 hours after the disclosure they started registering attacks exploiting this vulnerability. Seemingly, they come from the same criminals, using the IP addresses 220.127.116.11 and 18.104.22.168 in Russia.
The malicious code tries to create a fake admin user in the Magento database by leveraging SQL injection. If you suspect that your Magento store has been targeted, look for the following usernames in your database: admin_user and ypwq, as these are the names the attackers have used so far.
To protect your store, Magento recommends implementing both the SUPEE-5344 and SUPEE-1533 security patches.
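As an added example (not code from the original post), the check described above can be scripted: the function below audits rows exported from Magento's admin_user table, flags the usernames the attackers have been seen to create, and also flags any admin account created on or after the disclosure date that is not on your known-good list. The sample rows are constructed, and KNOWN_ADMINS is an assumption you would replace with your store's real administrators.

```python
from datetime import datetime

# Usernames reported in the Shoplift attacks so far (from the post).
SUSPICIOUS_USERNAMES = {"admin_user", "ypwq"}

# Public disclosure of SUPEE-5344; unknown admins created on or after this
# date deserve a second look. Use your own patch date if it was earlier.
DISCLOSURE = datetime(2015, 4, 20)

# Assumption: the admin accounts you know you created. Replace with your list.
KNOWN_ADMINS = {"storeowner", "webmaster"}


def audit_admin_users(rows, known_admins=KNOWN_ADMINS, cutoff=DISCLOSURE):
    """Return (username, reason) pairs for admin_user rows that look suspicious.

    Each row is a dict mirroring columns of Magento's admin_user table:
    user_id, username, email, created ('YYYY-MM-DD HH:MM:SS').
    """
    findings = []
    for row in rows:
        name = row["username"]
        created = datetime.strptime(row["created"], "%Y-%m-%d %H:%M:%S")
        if name in SUSPICIOUS_USERNAMES:
            findings.append((name, "username matches known Shoplift indicator"))
        elif name not in known_admins and created >= cutoff:
            findings.append((name, "unknown admin created after disclosure"))
    return findings


# Constructed sample rows, standing in for the output of
#   SELECT user_id, username, email, created FROM admin_user;
SAMPLE_ROWS = [
    {"user_id": 1, "username": "storeowner", "email": "owner@example.com", "created": "2013-05-02 10:11:12"},
    {"user_id": 2, "username": "webmaster", "email": "web@example.com", "created": "2014-01-20 09:00:00"},
    {"user_id": 7, "username": "ypwq", "email": "x@example.com", "created": "2015-04-21 03:14:07"},
    {"user_id": 8, "username": "support2", "email": "s@example.com", "created": "2015-04-22 18:40:00"},
]

if __name__ == "__main__":
    for name, reason in audit_admin_users(SAMPLE_ROWS):
        print(f"{name}: {reason}")
```

Any hit is a reason to compare the account against your own records and review the store for the patches named above.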
The patches and installation instructions are available on Magentocommerce.com.
You can also test whether your site is vulnerable using the Magento Shoplift Bug Tester v1.0 by Byte.
The increasingly frequent use of online stores brings security issues to the fore and forces merchants to run their business in strict compliance with security rules and recommendations.
We also try to focus on Magento security in our blog, since we consider it as important as store functionality and user experience. So we encourage you to follow Magento's security recommendations and keep your customers safe.
Have any comments? Add them below, please.