Security News > 2022 > July > Hackers exploited PrestaShop zero-day to breach online stores
Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
The PrestaShop team issued an urgent warning last Friday, urging the admins of 300,000 shops using its software to review their security stance after cyberattacks were discovered targeting the platform.
The attack appears to impact PrestaShop versions 1.6.0.10 or later and versions 1.7.8.2 or later if they run modules vulnerable to SQL injection, such as the Wishlist 2.0.0 to 2.1.0 module.
"We believe attackers are targeting shops using outdated software or modules, vulnerable third-party modules, or a yet-to-be-discovered vulnerability," explains the PrestaShop security advisory.
To conduct the attack, hackers send a POST request to a vulnerable endpoint followed by a parameter-less GET request to the homepage that creates a "Blm.php" file at the root directory.
Finally, upgrade all used modules to the latest available version and apply the PrestaShop security update released today, version 1.7.8.7.
News URL
Related news
- Orange Group confirms breach after hacker leaks company documents (source)
- Silk Typhoon hackers now target IT supply chains to breach networks (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- Oracle denies breach after hacker claims theft of 6 million data records (source)
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (source)
- StreamElements discloses third-party data breach after hacker leaks data (source)
- Canada launches breach risk self-assessment online tool (source)
- Hackers lurked in Treasury OCC’s systems since June 2023 breach (source)
- CentreStack RCE exploited as zero-day to breach file sharing servers (source)