Cybersecurity Insights

Benjamin Hosack

Magento Phantom Malware Alert

17/02/2015, 18:14

Attention Magento Website Owners:


The Foregenix forensic team has recently identified a new data compromise of Magento websites called Magento Phantom.  This malware is very difficult to detect and is affecting escalating numbers of websites.

What’s the threat?

The Magento Phantom malware allows unauthorized users to access the impacted site and make system modifications to harvest payment card details, as well as other confidential information belonging to both customers and the compromised websites.

How do you know if you have been hacked by Magento Phantom?

Website owners can identify if they have been affected in 3 different ways:

  •        Use our FGX-Web Alert solution to check your website.  We have a 30 day free trial that would be plenty to understand if you have been hacked by Magento Phantom or not. FGX-Web Alert incorporates checks for Magento Phantom, as well as monitoring for other malware/backdoors/shells that could be used to compromise your website. Our team is on standby to provide unlimited support to remove malware/shells/backdoors for FGX-Web users.   
  •        Use our white paper to conduct a check yourself.  Its a manual process and you would be recommended to carry out regular checks to make sure that your website does not get attacked in the next few weeks/months.
  •        Do nothing and wait for your bank to contact you to say you have been hacked and need a forensic investigation.  (Not a recommended course of action!)

How do you protect your website from Magento Phantom?

Protection of your website is straightforward:

  •        Do not upload plugins/extensions that are not from a trusted source.
  •        Sign up for FGX-Web Alert to provide ongoing monitoring and support from the Foregenix team.
  •        Ensure your have a strong password policy for admin access to your website.

There are many other protective controls you could add – take a look at the Payment Card Industry Data Security Standard for a guide on the minimum set of controls you should have protecting your customer data.  After all, while credit card data is highly valuable right now, very soon businesses will be facing severe penalties for losing personally identifiable information too.  

Download our Whitepaper

Alternatively, you can download our Whitepaper which includes more details on how to detect and identify Magento Phantom Malware on your website.

You can download the Whitepaper here.

Tags: Web Security