Hackers publish details on critical Magento flaw

The Magento e-commerce platform could soon face a number of attacks after hackers publicly released code that exploits a critical vulnerabi...

The Magento e-commerce platform could soon face a number of attacks after hackers publicly released code that exploits a critical vulnerability in its systems which could be used to plant payment card skimmers on sites that have not yet been updated.

PRODSECBUG-2198 is the name of the SQL injection vulnerability that attackers can exploit without the need for authentication.

Any hacker that can obtain user names and crack the password hashes protecting these credentials could theoretically exploit the flaw to take administrative control of administrator accounts. Upon gaining access, they then could install backdoors or any skimming code they choose.

This method was tested by a researcher at the security firm Sucuri who managed to reverse-engineer a recently released official patch to create a working proof-of-concept exploit.

Card skimming

Competing gangs of cybercriminals have spent the last six months trying to infect e-commerce sites with card skimming malware to steal users' payment details. They employed known exploits as well as zero-day vulnerabilities to accomplish this and such a vulnerability in Magento's e-commerce platform will likely be exploited due to the fact that over 300,000 businesses and merchants use its services.

Lead malware intelligence analyst at Malwarebytes, Jérôme Segura explained the severity of the situation to Ars Technica, saying:

“There is no doubt threat actors are either actively reversing the patch or waiting for a proof of concept to exploit this flaw at scale. When it comes to hacked Magento websites, Web skimmers are the most common infection type we see because of their high return on investment. As a result, we can expect another wave of compromises in light of this newly found critical vulnerability.” 

When the proof-of-concept code was published, comments in the code revealed that it could also be modified to obtain other information from Magento's database such as admin and user password hashes. It was also discovered that the vulnerability has existed in Magento since version 1 of its software. This means that all Magento sites that have not installed the latest update are potentially susceptible.

The company's developers recently disclosed and patched a number of vulnerabilities including PRODSECBUG-2198. There is a stand-alone patch for this vulnerability but since the other flaws also pose a threat, it is recommended that all customers upgrade to Magento Commerce or Open Source 2.3.1 or 2.2.8.

Via Ars Technica



from TechRadar - All the latest technology news https://ift.tt/2OvT2Sa
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,188,Video,5,XIAOMI,13,YouTube - 9to5Google,187,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Hackers publish details on critical Magento flaw
Hackers publish details on critical Magento flaw
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2019/03/hackers-publish-details-on-critical.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2019/03/hackers-publish-details-on-critical.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy