Security News > 2022 > November > Magento stores targeted in massive surge of TrojanOrders attacks
At least seven hacking groups are behind a massive surge in 'TrojanOrders' attacks targeting Magento 2 websites, exploiting a vulnerability that allows the threat actors to compromise vulnerable servers.
Website security firm Sansec warned that almost 40% of Magento 2 websites are being targeted by the attacks, with hacking groups fighting each other over control of an infected site.
These attacks are being used to inject malicious JavaScript code into an online store's website that can cause significant business disruption and massive customer credit card theft during a busy Black Friday and Cyber Monday period.
TrojanOrders is the name of an attack that exploits the critical Magento 2 CVE-2022-24086 vulnerability, allowing unauthenticated attackers to execute code and inject RATs on unpatched websites.
Sansec's analysts believe that there are multiple reasons we are seeing a surge in attacks targeting this vulnerability.
First, a large number of Magento 2 sites remain vulnerable to these attacks, even ten months after the patches became available.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-16 | CVE-2022-24086 | Improper Input Validation vulnerability in multiple products Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. | 9.8 |