Shoplifters… every brick-and-mortar store owner is familiar with them. In the online world, the Magento Shoplift bug is a Magento vulnerability reported in late January 2015 that allows attackers to gain control over a store and its data through RCE (Remote Code Execution). In practice, an attacker compromises a Magento store and rewrites a core Magento file so as to gain access to credit card information. It is therefore quite possible that your store has been affected.
Researchers at the security firm Check Point, who often work as white-hat hackers, recently discovered that this critical RCE vulnerability can lead to a complete compromise of any Magento store. The exposed data can include credit card information and other financial and personal data. This critical vulnerability can affect nearly two hundred thousand online shops. Store owners are advised to apply the patch immediately if they have not already done so.
In the case of this specific Shoplift bug, the exploit takes advantage of an important core file, cc.php. If you find PHP functions such as ‘curl’ in that file, your store may have been compromised. Magento currently advises merchants running the Magento platform to log in to the admin and download the patch SUPEE-5344, which was released on Feb 9, 2015.
An unauthenticated attacker can exploit a chain of several vulnerabilities to gain control of the store and its entire database. This enables credit card theft and administrative access to the Magento system by exploiting vulnerabilities that affect the Magento core directly. Currently, 1.9.1.0 CE and 1.14.1.0 EE are confirmed to be susceptible to this vulnerability.
A few tips will help you keep your Magento store secure. However, the store may already have been compromised, leaving customer accounts and their encrypted passwords at risk. In that case, it is probably wise to let customers know that there has been a security breach. At the same time, it is better to use stronger encryption methods than the relatively weak encryption method that Magento uses.
Another possibility you need to consider is that the attacker left a backdoor behind. In some cases this means you will ultimately need to reinstall the server, along with various other crucial steps. You may also need to disable the shopping cart and scan your personal computer for viruses.
Additionally, create a dedicated database for Magento with a dedicated database user and a unique password. You will also need to use a secure admin path. If possible, avoid installing modules directly via Magento Connect, and check the legitimacy of the Magento developers whose modules you install. Use unique passwords for all your accounts. Give outside developers only restricted access, and actively monitor who has access to your passwords.
You may also need to change the way you access your server; issues to address here include public key authentication, use of SFTP, privilege separation, disabling dangerous PHP functions, judicious use of the Magmi import tool, and cleaning up backdoored websites.
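The check suggested above for a rewritten cc.php, and the later concern about backdoors left behind, can be turned into a repeatable integrity check. The following is an added example, not code from the original article or from Magento: it compares a core file against a known-good hash and flags PHP functions such as curl that should not appear in payment code. The core file path, the baseline hash and the two file contents are constructed for illustration.

```python
"""Added example, not part of the original article: a defender-side integrity
check for a Magento core PHP file such as cc.php.  It compares the file's
SHA-256 against a known-good baseline and flags PHP functions that have no
business in payment-method code (curl_*, as the article suggests, plus a few
others).  The path, baseline and file contents below are constructed."""
import hashlib
import re

# Functions a defender would not expect inside Magento core payment code.
SUSPICIOUS_FUNCTIONS = (
    "curl_init", "curl_setopt", "curl_exec", "fsockopen", "file_put_contents",
    "mail", "eval", "base64_decode", "gzinflate", "system", "exec", "shell_exec",
)
_CALL_RE = re.compile(
    r"\b(" + "|".join(map(re.escape, SUSPICIOUS_FUNCTIONS)) + r")\s*\(", re.I)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_core_file(path: str, content: bytes, baseline: dict) -> dict:
    """Compare `content` with the baseline hash recorded for `path` (taken from a
    clean install of the same Magento version) and scan it for suspicious calls.
    A hash mismatch is the authoritative signal; function hits are leads and may
    also fire on comments or string literals, so review them by hand."""
    expected = baseline.get(path)
    mismatch = expected is not None and sha256_hex(content) != expected
    calls = []  # (line number, function name)
    for no, line in enumerate(content.decode("utf-8", "replace").splitlines(), 1):
        calls.extend((no, m.group(1).lower()) for m in _CALL_RE.finditer(line))
    return {"path": path, "hash_mismatch": mismatch, "suspicious_calls": calls,
            "tampered": mismatch or bool(calls)}


# Constructed sample: a minimal clean payment class and a tampered copy that was
# rewritten to add an outbound HTTP call (placeholder host, not working code).
CORE_PATH = "app/code/core/Mage/Payment/Model/Method/Cc.php"  # assumed path
CLEAN_CC_PHP = (b"<?php\nclass Mage_Payment_Model_Method_Cc {\n"
                b"    public function validate() { return $this; }\n}\n")
TAMPERED_CC_PHP = CLEAN_CC_PHP.replace(
    b"return $this;", b"$ch = curl_init('http://EXAMPLE-PLACEHOLDER/'); return $this;")
BASELINE = {CORE_PATH: sha256_hex(CLEAN_CC_PHP)}  # would come from a clean install

if __name__ == "__main__":
    for label, data in (("clean", CLEAN_CC_PHP), ("tampered", TAMPERED_CC_PHP)):
        result = check_core_file(CORE_PATH, data, BASELINE)
        print(label, "TAMPERED" if result["tampered"] else "ok", result["suspicious_calls"])
```

In a real deployment the baseline would be generated from a pristine copy of the same Magento release and the check run over every file under the core directory, with hash mismatches reviewed first.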
To conclude, a lot goes into website security, so monitor every activity carefully and obtain expert advice from a Magento website security consultant where needed. Understand that no website is 100% secure, and start securing your website right away.
Minal Joshi is a content marketer at Krish with a flair for eCommerce and Digital Commerce aspects. She is a MarTech fanatic with a knack for writing, with which she helps brands to curate, create, & commence digital brand positioning. Sharing insights via articles, case studies, eBooks, infographics, and other forms of content creation is what she lives for. Being an ardent traveler, when not writing, you'll find her sipping coffee in the mountains or petting a stray.