Hackers exploit plugin vulnerabilities, FBI warns

Tuesday 19 May 2020 10:01 CET | News

The FBI has warned that hackers are exploiting a three-year-old vulnerability in a Magento plugin to take over online stores.

The hackers also plant a malicious script that records and steals buyers' payment card data. This type of attack is known as web skimming, e-skimming, or Magecart, and the FBI previously warned about a rise in attacks in October 2019.

In this campaign, attackers are exploiting CVE-2017-7391, a vulnerability in MAGMI (Magento Mass Import), a plugin for Magento-based online stores. The vulnerability is a cross-site scripting (XSS) bug that allows the attacker to plant malicious code inside an online store's HTML code. By exploiting this vulnerability, hackers intend to steal environment credentials for a Magento online store, which they're using to take full control over the targeted sites. Once they gain access to the sites, they plant web shells for future access and start modifying the site's PHP and JavaScript files with malicious code that records payment details entered on the store when users buy and pay for new products.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: FBI, Magento, online stores, plugin vulnerability, malicious script, web skimming, e-skimming, bug, attacks, malicious code, payment details, hackers, credentials, fraud
Categories: Fraud & Financial Crime
Countries: World
This article is part of category

Fraud & Financial Crime

Industry Events