Subscribe to our Blog
Following an investigation into breached ecommerce merchants, Foregenix identified the Magento trojan plug-ins running on the Magento platform, posing a threat of data compromise to ecommerce businesses.
By simply entering the website URL into the online scanner, the Foregenix team has automatically assessed over 350 vulnerable sites and confirmed 5% of those scanned so far have been compromised.
Speaking about the threat, Director of Foregenix, Benjamin Hosack, said:
“Hackers are constantly innovating to find new and more intelligent ways of stealing sensitive and personal data as the identification of these rogue plug-ins prove. Businesses must make security a priority and implement solutions that protects them as well as their customers from potential risk."
“These malicious modules permit remote and unauthorized access, allowing hackers to make modifications and harvest payment card details which could result in significant and expensive fraud liabilities for businesses.”
“Our online website scanner has identified a worrying number of affected businesses and there are without a doubt hundreds more that we haven’t been able to advise and mitigate the threat.”
With the potential to damage hundreds of businesses across the globe, Foregenix’s online website scanner has already been used by over 1,000 Magento businesses who wanted to identify if they were at risk of the Magento backdoor trojan plugins.
Speaking about the scanner, Benjamin added:
“Our role as information security specialists allows us to spot patterns and trends in the type of attacks hackers are using.”
“The best way for businesses to avoid this particular breach is to be aware of the dangers hackers pose and to be extra vigilant when using ecommerce platforms, paying particular attention to the plug-ins they download.”
“Any Magento-based business that thinks it could be at risk should put their mind at ease and use our online scanner at www.foregenix.com/magento_scanner”
To find out more about Foregenix visit www.foregenix.com or email info@foregenix.com
With hundreds of Magento-hosted e-businesses at risk from fraudulent hackers through the use of rogue Magento plugins, an online website security scanner has confirmed nearly 5% of over 1,000 websites tested have been compromised.
Benjamin Hosack
Benj Hosack is a Director and co-Founder of Foregenix Limited. Foregenix is a specialist information security business delivering services in Forensics, PCI DSS, PCI P2PE, PA-DSS and information security solutions within the Payment Card Industry. Our technologies are designed to simplify security and PCI Compliance. Specialties: Cardholder Data Discovery - defining and reducing PCI DSS Scope / PA-DSS / PCI DSS / P2PE / Account Data Compromise Investigations. We are specialists in the Payment Card Industry and work with all types of companies in the payment chain (Acquiring banks, Processors, hosting providers, web designers, merchants, systems integrators etc).
See All Articles