UPDATED June 2023 - we're still seeing Shoplift attacks. Please be aware.
This is a simple overview of what the Shoplift problem is and how to re-gain control of your website.
Since Check Point Technologies announced the critical vulnerability – known as Magento Shoplift (SUPEE-5344) – we have been contacted by a significant numbers of online businesses that have been compromised through this vulnerability.
How do you recover control of your online business?
Firstly, you need to understand what Magento Shoplift is so that you can devise a strategy to secure your online business.
What is Magento Shoplift ?
Magento Shoplift is a vulnerability that allows unauthenticated users to access administration pages on the website – and exploit certain pages via SQL Injection.
What does this mean?
It means that with this level of access, an attacker can perform admin functions, such as:
In short, if you have been affected, you need to act now to protect your business as the effects could be hugely damaging for your business brand and finances.
These are (mostly) highly effective and focused criminals with a high level of skill and technical capability – they are after your business.
What can you do about it?
There are 4 steps you should take immediately:
The attackers are highly likely to have anticipated you following the above steps and installed a web shell/backdoor to enable ongoing access should you successfully complete the above steps.
So how do you give your website an “all-clear for business” and ensure you are protected from future attacks?
Install FGX-Web to:
Forensic Assistance – if you need help with any of the above Foregenix is one of the leading digital forensic teams globally and we can help you.
You can check your website's current security status right now, here: