Fill the form & Get Installation Support

    Almost 2000 stores using the Magento eCommerce platform had been affected over the weekend.

    Security researchers claim this to be the “Largest Campaign Ever” they have observed to date since 2015.

    According to security experts, it was a typical Magecart scheme where hackers inject malicious code to breach intercept and logged the payment card details that trusted shoppers entered inside the checkout page.

    The founder of Sanguine Security (Sansec) Willem de Groot, a Dutch cyber-security firm specialized in tracking Magecart attacks found the following data during the observation:

    • 11th September (Friday) 10 stores got infected.
    • 12th September (Saturday)1058
    • 13th September (Sunday) 602 and
    • 14th September (Monday) 233

    Most stores were operating on Magento 1.x (EOL) version

    The Sansec notes that the affected stores were found to be running Magento version 1.x.

    On June 30, 2020, Magento version 1 reached its end-of-life (EOL). Currently, this version is not receiving any security updates or support for any fixes.

    Last year in November 2019, Adobe (owned by Magento) issued the first alert about store owners needing to update to the Magento 2.x as the company was expecting attacks since last year.

    Earlier, Adobe warned about the forthcoming attacks on Magento 1.x stores which were later resonated in similar advisories issued by Visa and MasterCard. Several experts in the web security community said that new Magento 1.x vulnerabilities had not been spotted in a while, which was uncharacteristic because the 1.x branch was old and damaged with security holes.

    So, the experts were right!

    However, de Groot has not yet identified how hackers attacked Magento1.x websites that have been targeted over the weekend.

    Sansec founder added that ads for a Magento 1.x zero-day vulnerability had been posted last month on underground hacking forums, further confirming that attackers were waiting for the EOL to come around.


      Recent Articles

      Get a Free Quote


        mage Monkeys

        Let’s initiate a discussion!!

        Book a call

        Let our Magento expert connect to discuss your requirement.

          We offer Magento
          certified developers.

          Our Magento clientele
          is 500+.

          We sign NDA for the
          security of your projects.

          We’ve performed 100+
          Magento migration projects.

          Free quotation
          on your project.

          Three months warranty on
          code developed by us.