Threat actors exploit a critical vulnerability in Magento, injecting persistent backdoors into e-commerce websites. Leveraging CVE-2024-20720, attackers circumvent security measures, allowing arbitrary code execution. Despite Adobe addressing the issue in a February 13 security update, hackers ingeniously employ layout templates to automatically insert malicious code, compromising financial data. This tactic involves the use of the Magento layout parser and default packages to execute system commands, ultimately enabling the deployment of Stripe payment skimmers.
The sophisticated attack method reveals the intricacies of cyber threats faced by online retailers, posing significant risks to both businesses and consumers. By exploiting vulnerabilities in widely used platforms like Magento, hackers capitalize on unsuspecting victims, potentially leading to extensive financial losses and reputational damage. The incident underscores the importance of proactive security measures and timely software updates to mitigate the impact of such exploits.
In parallel developments, the Russian government charges six individuals for using skimmer malware to pilfer credit card information from foreign e-commerce stores. Court documents reveal the suspects’ involvement in the illegal acquisition and sale of payment card data through shadow internet sites. The arrests highlight the global nature of cybercrime and the need for international cooperation in combating such illicit activities.
