There has been recent reports on a new malware that appears to capture details from all fields of the checkout process, including the credit card information. Its been done using Database or Admin access to get the details. Magento team do not have the details on how attackers are getting the Admin access, may they are going for weak passwords and some unpatched sites or using admin accounts set up before the site was patched.

Scan your site at magereport.com to check whether the site is at risk for a Credit Card Hijack and also don’t forgot to check you have any unknown Admin users in the site. You need to scan the code for the malware and some may includes onepage|checkout and can be found in two sections:

  • Admin->Configuration->General->Design->HTML Head->Miscellaneous Scripts, or
  • Admin->Configuration->General->Design->Footer-> Miscellaneous HTML

If the site is infected, immediately remove this malware and check you code for any unknown changes and remove any unknown Admin accounts and update all admin passwords to prevent further access to the website

Please check the information provided by Magento in their site for best security practices.

Leave a Reply

Your email address will not be published. Required fields are marked *