Magento eCommerce stores are widely popular for their flexibility and secure access. Store administrator can access all the data on the go and manage products/services offered on his own. What if someone attacked your Magento store and got miscreants access to the website database? Since the platform is quite famous and is widely preferred for creating online shopping sites, it's equally vulnerable to Cyber attacks. As per an investigation by Sucuri, a US-based security firm, thousands of Magento stores have been found attacked with such an intention. This attack is automated and gives the unauthorized access to the store database. With this, an additional account with admin access can be created and used to deliver malware to the visitors' computers/smartphones. The malware can also steal users' crucial financial credentials and lead their computer to a freezing state. What Should Magento Store Owners Do About It? Magento eCommerce websites have crucial data and it's a matter of money after all. You can take the following tip to trace and clean out this malware: Generally, the malware is added to the core_config_data table, into the design/footer/absolute_footer entry. To trace the malware, you need to search for the function LCWEHH(XHFER1){XHFER1=XHFER1 code throughout the tables in the Magento database. Otherwise, you can look up for the guruincsite domain. Also, review all Admin accounts and make sure there is not any unknown account active. Installing any third-party Magento extension could allow the attackers to inject the malware into your website database, which eventually led to visitors' system crashed. If you are not technically competent, then you can consult the professionals and make sure they are aware of the whole scenario. Also, they must have practically cleaned it out earlier. Original content resource : http://www.magentoindia.in/blog/2015/11/02/magento-store-malware-vulnerability-exposed-need-stay-safe/
0 Comments
Leave a Reply. |
AuthorMagento India is a leading ecommerce development company provides Magento design, customization, module, maintenance services across all over the world. Archives
September 2017
Categories |