Security News > 2022 > July > Hackers exploited PrestaShop zero-day to breach online stores
Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
The PrestaShop team issued an urgent warning last Friday, urging the admins of 300,000 shops using its software to review their security stance after cyberattacks were discovered targeting the platform.
The attack appears to impact PrestaShop versions 1.6.0.10 or later and versions 1.7.8.2 or later if they run modules vulnerable to SQL injection, such as the Wishlist 2.0.0 to 2.1.0 module.
"We believe attackers are targeting shops using outdated software or modules, vulnerable third-party modules, or a yet-to-be-discovered vulnerability," explains the PrestaShop security advisory.
To conduct the attack, hackers send a POST request to a vulnerable endpoint followed by a parameter-less GET request to the homepage that creates a "Blm.php" file at the root directory.
Finally, upgrade all used modules to the latest available version and apply the PrestaShop security update released today, version 1.7.8.7.
News URL
Related news
- Pokemon dev Game Freak confirms breach after stolen data leaks online (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Nokia investigates breach after hacker claims to steal source code (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)