Clients using Magento 1 e-commerce platform are getting hacked

In its latest security alert, Adobe asked users of the Magento 1 e-commerce platform to update to the latest available version of Adobe Commerce; this after the company was notified of the attack against more than 500 online stores using this software.

This wave of attacks was reported this week by security firm Sansec, which released a report revealing that hundreds of stores were compromised by a skimming tool loaded from the domain

The company asked victims to contact their support area to find a common entry point and protect other traders against a potential new attack. Adobe also mentions that the first stage of investigation has already been completed, so it is known that the attackers used a combination of SQL injection and PHP object injection (POI) to take control of the vulnerable software.

It is important to remember that Adobe has stopped supporting Magento software, although this has not been an impediment for thousands of e-commerce websites to continue using it.

By analyzing one of the intrusions in detail, the researchers found that the attackers left 19 backdoors on the target system, so they recommended victims use a malware scanning solution to identify all instances of malicious files or compromised Magento code.

Since its launch, Magento has created constant problems for Adobe and its thousands of users. At the end of 2021, cybersecurity specialists reported that more than 4,000 online stores would have been compromised by hacking groups exploiting known vulnerabilities in Magento, which would have represented losses of hundreds of thousands of dollars.

In addition, in 2020 Sansec also reported hundreds of attacks against Magento online stores, while by then Adobe already foresaw massive attacks against Magento 1.x implementations, although they were confident that versions 2.x could be considered safe.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.