Magento Users Threatened by Network Intrusions
Sept. 4, 2014
News of retail data breaches continues to come fast and furious and this time, e-commerce Websites could be the latest victims. Last week, the Department of Homeland Security estimated that more than 1,000 U.S. businesses may have been compromised by the memory-scraping malware known as Backoff and Dairy Queen confirmed it is investigating a breach. Yesterday, Home Depot confirmed the same in a statement. But those, and other high-profile breaches like those at Target and Neiman Marcus at the end of last year, were intrusions that targeted the POS systems of brick-and-mortar retail locations. Now, according to a data-security firm, e-commerce Websites using the Magento platform are being targeted.
Forgenix, a London-based company that has been doing forensic work on data-security compromises for a decade, said it has been working on separate investigations for e-commerce sites that turned up the common denominator of Magento. Officials from Forgenix said the vulnerability is not in the Magento platform, but arises as a result of Magento users installing fake extensions or “plug-ins” into the Magento framework. While Forgenix has been able to identify when sites are compromised, they are not able to pinpoint how hackers are delivering the malicious plug-ins in the first place, according to Andrew Bontaft, director and a co-founder of Forgenix.
“It’s not clear on how contact is made,” Bontaft told CardNotPresent.com. “Hackers could have previously compromised the site, then deployed the malicious plug-in. Or, merchants might be falling prey to phishing attacks.”
Regardless, once infected, it may be very difficult for merchants to identify if they are compromised. Forgenix has set up a Website where merchants can enter their URL for a free scan of their site to determine if they have been infected.