Moreover, the online stores have been running cryptojacking scripts or were used as staging points in the delivery of other malware, according to Bleeping Computer. The sites were being compromised through brute-force attacks using common and known default Magento credentials, the online publication cited Flashpoint researchers.
These types of attacks are simplified when admins fail to change the credentials upon installation of the platform. Meanwhile, attackers can build simple automated scripts loaded with known credentials to facilitate access of the panels. According to the security researchers, the vast majority of these 1,000+ compromised sites belongs to the education and healthcare sectors, with the vast majority of them hosted on servers located in Europe and the US.
As criminals have access to cheap brute-forcing botnets that they can use to guess site passwords with relatively little effort, site owners are advised to use unique usernames and passwords that can’t be guessed after a few attempts.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now