In a concerning development for e-commerce security, hackers have been discovered exploiting a critical flaw in the popular Magento platform, leaving numerous online stores vulnerable to data breaches. The vulnerability, identified as CVE-2024-20720 with a severity score of 9.1, was acknowledged and addressed by Adobe in security updates released on February 13, 2024.
The exploit involves injecting a persistent backdoor into e-commerce websites, allowing threat actors to execute arbitrary commands and potentially steal sensitive payment data. Security experts from Sansec revealed that attackers are utilising a cleverly crafted layout template stored in the database to automatically insert malicious code into the system.
By combining the Magento layout parser with the beberlei/assert package, hackers can execute system commands, particularly targeting the checkout cart section of affected websites. This malicious code, facilitated by the ‘sed’ command, enables the installation of a payment skimmer, designed to capture and transmit financial information to compromised Magento stores under the attackers’ control.
This incident underlines the urgency for e-commerce businesses to promptly apply security patches provided by Magento to mitigate the risk of exploitation. Failure to do so could leave them susceptible to financial losses and reputational damage.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: