Magento Mayhem: Critical Bug Opens Door to Crafty Credit Card Skimmers!

Hot Take:

Well, well, Magento, look at you being all popular and stuff—so popular that the bad hackers can’t keep their grubby digital fingers off you. A 9.1 on the “I’m in danger” scale, and we’re not talking about your average skateboarding scrape; this is full-blown cyber backdoor shenanigans. Cue the e-commerce drama, because it’s patching time, or your digital storefront might as well hang a “Rob me, I’m easy!” sign.

Key Points:

  • Magento’s got a new accessory in its code closet: a critical vulnerability (CVE-2024-20720), with a severity score that’s screaming for attention.
  • Over 150,000 online stores could turn into malware catwalks if they don’t hurry up and patch.
  • Turns out, attackers are quite the creative directors, blending vulnerabilities with a default package to strut their malicious stuff.
  • MageCart skimmers are like the paparazzi of the cybercrime world, flashing their malicious lenses at outdated Magento versions.
  • Sansec’s playing cybersecurity Sherlock, uncovering over 500 infections in a single day—talk about a malware marathon!

Title: Command injection in data collector backup due to insufficient patching of CVE-2023-38208
CVE ID: CVE-2024-20720
CVE state: PUBLISHED
CVE assigner short name: adobe
CVE date updated: 02/15/2024
CVE description: Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.
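
For anyone with more than one store to check, here is an added example (not from the original article or from Adobe) that triages version strings against the affected range in the CVE description above. The hostnames and inventory are constructed, and reading "and earlier" as covering release lines older than 2.4.4 is an assumption.

```python
import re

# Highest affected patch level per release line, from the CVE description above.
AFFECTED_CEILING = {(2, 4, 6): 3, (2, 4, 5): 5, (2, 4, 4): 6}
OLDEST_LISTED = min(AFFECTED_CEILING)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-p(\d+))?$")


def parse_version(text):
    """Split '2.4.6-p3' into ((2, 4, 6), 3); no -pN suffix means patch level 0."""
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, micro, patch = match.groups()
    return (int(major), int(minor), int(micro)), int(patch or 0)


def triage(version):
    """Return 'affected', 'not-affected' or 'not-listed' for one version string."""
    line, patch = parse_version(version)
    if line in AFFECTED_CEILING:
        return "affected" if patch <= AFFECTED_CEILING[line] else "not-affected"
    if line < OLDEST_LISTED:
        # Assumption: "and earlier" covers release lines older than 2.4.4.
        return "affected"
    # Newer release lines are not named in the description: check the advisory.
    return "not-listed"


def triage_inventory(inventory):
    """Map each host to a verdict; strings that do not parse become 'unparsed'."""
    results = {}
    for host, version in inventory.items():
        try:
            results[host] = triage(version)
        except ValueError:
            results[host] = "unparsed"
    return results


# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = {
    "shop-a.example.test": "2.4.6-p3",
    "shop-b.example.test": "2.4.6-p4",
    "shop-c.example.test": "2.4.5",
    "shop-d.example.test": "2.3.7-p4",
}

if __name__ == "__main__":
    for host, verdict in sorted(triage_inventory(SAMPLE_INVENTORY).items()):
        print(f"{host:24} {SAMPLE_INVENTORY[host]:10} {verdict}")
```

A "not-affected" verdict only means the version sits above the range this CVE names; it says nothing about whether a store was already backdoored before it was patched.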

Need to know more?

Magento's Malicious Makeover

Imagine Magento as a runway model, except instead of donning the latest fashion, it's being dressed up with persistent backdoors by some not-so-friendly cyber designers. Sansec's cybersecurity gurus have been flipping through the code pages, and they've spotted a "cleverly crafted" malware ensemble hidden in the database wardrobe. Time for a quick change, Magento—your new look includes a security patch with a February 13 release date.

European Catwalk Crisis

This isn't just an online faux pas; it's a full-blown European cybersecurity fashion emergency. With over 150,000 stores strutting their stuff on the Magento platform, it's no surprise that cybercriminals are eyeing them up like the last piece of cake at a birthday party. But instead of taking a slice, they're leaving a little something behind: a backdoor that gives them all-access passes to the VIP area of Magento's code.

Cybercriminals Play Dress-Up

The attackers are proving to be quite the savvy stylists, using a default package to execute system commands that are as sneaky as a hidden heel lift. They're slipping in backdoors faster than a model slips into haute couture, ensuring their malware remains the season's must-have even after store owners try to clear out last season's stock.

MageCart: The Malware Paparazzi

MageCart is the kind of skimmer you don't want at your runway show. Last spotted targeting websites with the fashion sense of 2010 (i.e., outdated Magento versions), these cyber paparazzi are all about capturing credit card details instead of candid shots. Sansec's spotlight shone on more than 500 infections in just one day, all linked to the now-defunct—a domain name as suspicious as a knockoff designer bag.

Outdated E-commerce: The Vintage Cybercrime Trend

Rocking vintage threads might be cool, but when it comes to e-commerce platforms, old and unsupported is the new vulnerable. Magento 1 is the equivalent of a flip phone in a smartphone world, no longer getting the updates that would keep it chic and secure. Cybercriminals are cashing in on this trend, turning these digital relics into their personal piggy banks.

So, if you're in the e-commerce space, it's time to update your wardrobe, I mean, your Magento installation. Keep it fresh, keep it patched, and stay off the worst-dressed list in the cybersecurity tabloids.
