Magento sites highly vulnerable to cyberattacks

• Foregenix, a Johannesburg-based global cybersecurity firm, performed security scans and analysis on 842 African websites that use Magento and revealed that 88% websites are at high risk.
• The root cause of vulnerabilities in Magento e-commerce websites is user error, reported Jon Tullett, Research Manager at IDC.

Magento, the popular open source e-commerce platform, is highly vulnerable to cyberattacks, researchers found. Since the first public beta version was released in 2007, Magento has been developed and customized in order to provide a basic e-commerce platform.

Foregenix, a Johannesburg-based global cybersecurity firm, performed security scans and analysis on 842 African websites that use Magento and revealed that 88% websites are at high risk. The root cause of vulnerabilities in Magento e-commerce websites is user error, reported Jon Tullett, Research Manager at IDC.

How many sites are vulnerable?

• Researchers analyzed over 170,000 websites and discovered that 2,548 websites (1.5 percent) were infected with malware. Out of these 2,548 infected sites, 1591 sites were compromised by debit/credit card stealing malware.
• Another 2.3 percent of all sites were found vulnerable to Magento Shoplift, for which patches were made available in January 2015. This vulnerability allows hackers to hijack websites, steal sensitive information, and even order items free of charge via a single exploit command, which is publicly available.
• In 2015, it was reported that outdated or unpatched Magento e-commerce sites were vulnerable to a cross-site scripting attack, which allows hackers to perform online skimming to steal credit card information.
• DefenseCode, a security company, reported in 2017 that Magento CE web stores were vulnerable to remote code execution attacks, which allowed hackers to perform online skimming to steal credit card information and take control of the database.

Foregenix CEO Andrew Henwood said that the issues highlighted pose a great global problem. Such vulnerabilities put small traders at risk, he added. Henwood pointed out that online businesses often assume that web developers and hosting service providers take care of security. He added that web developing and designing agencies are great at developing websites but they are not well versed when it comes to security.

Simple precautions such as periodic patching, changing default settings, using complex passwords with two-factor authentication can help companies reduce the risk of cyberattacks.

The root cause of Magneto flaws

Jon Tullett, Research Manager for IT services at IDC, said that user error is the root cause of vulnerabilities in Magento e-commerce sites. Magento releases regular software updates and patches in response to vulnerabilities, which if not used periodically, can leave the websites highly vulnerable to data breaches. Therefore, site operators must take the responsibility to patch the software periodically and keep systems up-to-date.

Graham Cook, Director of BDO IT Advisory Services, said that a new Magneto malware was recently discovered that is capable of making system modifications to harvest payment card details and other sensitive information from users as well as the website.

Cook pointed out that this is not because of the vulnerabilities in Magneto itself, but as a result of users installing compromised extensions to the Magento framework. The malware is deployed via a malicious file containing compromised extensions. The file is then used by attackers to make modifications to the Magento framework, resulting in a breach.

Cook added that the malware has the capability to automatically alert hackers when new files are created, allowing them to steal more payment card details from the targeted compromised site.