Magento Killer - A new Security threat that steals payments Info

Magento Killer is a new threat that steals payment information of Magento Store. In fact, it is a script that modifies data in the core_config_data table of the targeted Magento Database. Moreover, it alters payment setting to redirect payment to that of the creators. The purpose of this article is to raise awareness and give you some tips that could help you avoid that. We will firstly discuss what the Script actually does and end up with Magento recommendation regarding security.

What is Magento Killer and how does it operate?

As mentioned in the introduction, Magento Killer is a script that steals payment information.  The warning about that threat has been raised by a  Sucuri researcher called Luke Leak.  According to his report, the code uses special SQL queries encoded in base64 to modify Magento database. Moreover, it makes use of two objects, i.e, Update DB and Update PP to respectively save credit card information of customers onto the server and change the Paypal merchant business account. In other words, with the script, the attackers redirect all the customer's payments to their bank account instead of that of the merchants. Note that those hackers do not limit themselves only to getting payment; they also save credit cards to later on empty bank accounts. Below is a small portion of the script used by the attackers.  (image source: blog.sucuri.net)

Magento Killer

How to reinforce Security of your Magento Store?

Security is crucial is eCommerce. As a matter of fact, the more you take security measures the more you improve your chances of growing online. As such, it is imperative to always keep an eye open to avoid any risks. Below are some things you can do to improve the security of your store.

1. Update regularly your store.

There is a new update of Magento every one or two months. Most of the time, new versions, will handle security issues and buggies of previous versions. You can subscribe to Magento Newsletter to receive a notification whenever there are changes. In order to upgrade to Magento latest version, Command line is often the recommended method. This documentation explains the steps to do that.

 2. Register your website for Magento Security Scan

Magento dashboard has a free tool that can help you scan and monitor the security of your website. If you can make use of that to analyze your website and get the important recommendations to better secure your website. Below is an example of how your scan looks like. You can, for example, download the file in PDF format to fix all the 'fail' and 'Unknow' Status.

security scan

3. Use best practices during the development and update of the website

One of the advantages of using a powerful CMS like Magento is continuity and community. In fact, customizing your store without referring to the official documentation will only increase your chances of being hacked. Adding to that, at a point, it will become practically difficult to update on improve.

4. Improve the security of your server,

Besides the website security, there is the security of your server(where your website is stored) that can increase your chances of being attacked. For instance, Some of the features such as TLS Version can affect payment processing. That is the reasons why working with a server specialist and making sure that is always available to help is really crucial.

5. Use third-party security services

There are third-party security services such as Sitelock that can reinforce security measures and handle hacking issues.

Conclusion

Overall, no one is really safe on the internet. However, take actions to make sure that things are done the proper ways can help you avoid some issues.

Thanks for taking the time to read our article. If you need our expertise to help you with your Magento Website, our team are available to assist.