Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites


Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites.

The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of “improper neutralization of special elements” that could pave the way for arbitrary code execution.

It was addressed by the company as part of security updates released on February 13, 2024.

Sansec said it found a “cleverly crafted layout template in the database” that is being used to automatically inject malicious code to execute arbitrary commands.

“Attackers combine the Magento layout parser with the beberlei/assert package (installed by default) to execute system commands,” the company said.


“Because the layout block is tied to the checkout cart, this command is executed each time <store>/checkout/cart is requested.”

The command in question is sed, which is used to insert a code execution backdoor that is then responsible for delivering a Stripe payment skimmer to capture and exfiltrate financial information to another compromised Magento store.
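The indicators described above (a database-stored layout entry that references beberlei/assert, runs sed, and is tied to the checkout cart) can be checked for in an export of a store's layout updates. The following is an added example, not code from Sansec or Adobe; the row shape (`layout_update_id`, `handle`, `xml`), the `Assert\` namespace match and the `checkout_cart` handle pattern are assumptions, and the sample rows are constructed.

```python
import html
import re

# Indicators named in the article: beberlei/assert, the sed command, and a
# layout block tied to the checkout cart. Assumptions: the package appears by
# name or by its PHP namespace "Assert\"; cart handles contain "checkout_cart".
PACKAGE_RX = re.compile(r"beberlei|\bAssert\\", re.IGNORECASE)
SED_RX = re.compile(r"\bsed\s+-[A-Za-z]")
CART_RX = re.compile(r"checkout_cart", re.IGNORECASE)

def scan_row(row):
    """Return (severity, reasons) for one layout-update row (a dict)."""
    # Decode XML/HTML entities first so entity-encoded strings still match.
    text = html.unescape(row.get("xml") or "")
    reasons = []
    if PACKAGE_RX.search(text):
        reasons.append("references beberlei/assert")
    if SED_RX.search(text):
        reasons.append("contains a sed invocation")
    if not reasons:
        return "clean", reasons
    if CART_RX.search(row.get("handle") or "") or CART_RX.search(text):
        reasons.append("tied to the checkout cart")
    # All three indicators together match the pattern the article describes.
    return ("high" if len(reasons) == 3 else "review"), reasons

def scan(rows):
    """Return {layout_update_id: (severity, reasons)} for every non-clean row."""
    findings = {}
    for row in rows:
        severity, reasons = scan_row(row)
        if severity != "clean":
            findings[row["layout_update_id"]] = (severity, reasons)
    return findings

# Constructed sample rows (not real data; payload details are placeholders).
SAMPLE_ROWS = [
    {"layout_update_id": 1, "handle": "default",
     "xml": '<referenceBlock name="footer_links" remove="true"/>'},
    {"layout_update_id": 2, "handle": "checkout_cart_index",
     "xml": "<block name=\"x\"><argument>Assert\\Assertion PLACEHOLDER "
            "&#115;ed -i PLACEHOLDER</argument></block>"},
    {"layout_update_id": 3, "handle": "catalog_product_view",
     "xml": "<block name=\"y\"><argument>beberlei PLACEHOLDER</argument></block>"},
]

if __name__ == "__main__":
    for row_id, (severity, reasons) in scan(SAMPLE_ROWS).items():
        print(row_id, severity, "; ".join(reasons))
```

A "review" result means only some of the indicators fired, so the row needs a manual look before it is treated as malicious.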

The development comes as the Russian government has charged six people for using skimmer malware to steal credit card and payment information from foreign e-commerce stores since at least late 2017.

The suspects are Denis Priymachenko, Alexander Aseyev, Alexander Basov, Dmitry Kolpakov, Vladislav Patyuk, and Anton Tolmachev. Recorded Future News reported that the arrests were made a year ago, citing court documents.

“As a result, members of the hacker group illegally took possession of information about nearly 160 thousand payment cards of foreign citizens, after which they sold them through shadow internet sites,” the Prosecutor General’s Office of the Russian Federation said.
