40% of Magento and Adobe Commerce Websites at Risk in November 2022

17 Nov 2022
Albert Wood

After a quiet summer, the hackers are back just in time for the holidays. The number of attacks targeting a Magento 2 and Adobe Commerce vulnerability is rising fast.

At least seven Magecart groups are behind a massive surge in ‘TrojanOrders’ attacks, which Sansec observed against almost 40% of Magento and Adobe Commerce stores in November. A TrojanOrder is an ordinary-looking order whose customer fields (name, address, phone) carry Magento template code; when the store renders the order e-mail, that code is executed on the server, giving the attacker control of a vulnerable store.

The vulnerability being exploited is the mail template injection flaw in Magento 2 and Adobe Commerce, CVE-2022-24086, which Adobe patched in February 2022; attacks against it have risen sharply since. Sansec, a website security firm, estimates that at least a third of all Magento and Adobe Commerce stores have still not applied the patch.

Once in, the attackers install a remote access trojan and inject malicious JavaScript (a payment skimmer) into the storefront, stealing customers’ credit card details and causing serious business disruption during the Black Friday and Cyber Monday sale period.

This trend is expected to continue through the run-up to Christmas, when eCommerce stores are at their busiest and can least afford a compromise or an outage.

Why is there a Rise in Attacks?

Sansec’s analysts point to several reasons for the surge:

1) Many Magento 2/Adobe Commerce sites remain unpatched, months after the fix became available in February 2022.

2) Proof-of-concept (PoC) exploits have been public for a long time, giving exploit-kit authors ample time to weaponise them and profit by selling them to low-skilled attackers.

3) Exploit kits for this vulnerability have become cheap. A kit was offered on a hacking forum for $2,500, whereas in early 2022 the going rate was $20,000 to $30,000.

4) Success breeds more attacks. Every newly compromised store yields more card numbers, payments and personal data, which funds and motivates further campaigns.

5) Timing. November is the ideal attack month: stores are preparing for Black Friday and Cyber Monday and are under a code freeze, so patching tends to be postponed.

How to Safeguard your Store (and Customers)

If you haven’t applied the security update that addresses CVE-2022-24086, patch your store as soon as possible; the fix has been available since February 2022.

Moreover, monitor incoming orders for signs of a TrojanOrder: Magento template syntax such as {{var ...}} in name, address or phone fields (no real customer types that), and orders placed from anonymous mailboxes such as Protonmail or Tutanota. The first indicator is strong on its own; the second only raises suspicion and should be weighed together with other signals.
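The following is an added example of that order screen, written for this page; it is not code from ioVista, Sansec or the Magento project. It assumes each order has been exported as a flat dictionary using Magento 2 column names from sales_order and sales_order_address (with address columns prefixed by billing_/shipping_), and the list of anonymous e-mail domains is an assumption beyond the two providers the article names. The sample orders are constructed.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Magento's e-mail template engine expands {{directive ...}} blocks. A real
# customer never types such a token into a name, street or phone field, so
# its presence in customer-supplied order data is a strong TrojanOrder sign.
TEMPLATE_DIRECTIVE = re.compile(r"\{\{\s*[A-Za-z_]\w*")

# Assumption: the providers the article names (Protonmail, Tutanota) plus the
# alias domains those providers hand out. Extend to taste.
ANONYMOUS_EMAIL_DOMAINS = {
    "protonmail.com", "protonmail.ch", "proton.me", "pm.me",
    "tutanota.com", "tutanota.de", "tutamail.com", "tuta.io", "keemail.me",
}

# Assumption: flat export with Magento 2 column names; address columns are
# prefixed by address type. Adjust to match your own reporting export.
FREE_TEXT_FIELDS = (
    "customer_firstname", "customer_lastname",
    "billing_firstname", "billing_lastname", "billing_company",
    "billing_street", "billing_city", "billing_telephone",
    "shipping_firstname", "shipping_lastname", "shipping_company",
    "shipping_street", "shipping_city", "shipping_telephone",
)


@dataclass
class Finding:
    increment_id: str
    severity: str        # "high": template code found; "low": only an anonymous mailbox
    reasons: List[str]


def email_domain(address: str) -> str:
    """Return the lower-cased domain of an e-mail address ('' if malformed)."""
    local, sep, domain = address.strip().lower().rpartition("@")
    return domain if sep and local else ""


def check_order(order: Dict[str, str]) -> Optional[Finding]:
    """Screen one order; returns None when nothing looks suspicious."""
    reasons: List[str] = []
    severity = "low"
    for name in FREE_TEXT_FIELDS:
        value = str(order.get(name) or "")
        match = TEMPLATE_DIRECTIVE.search(value)
        if match:
            severity = "high"
            reasons.append(f"template directive {match.group(0)!r} in {name}")
    domain = email_domain(str(order.get("customer_email") or ""))
    if domain in ANONYMOUS_EMAIL_DOMAINS:
        reasons.append(f"order placed from anonymous mailbox @{domain}")
    if not reasons:
        return None
    return Finding(str(order.get("increment_id", "?")), severity, reasons)


def scan_orders(orders: Iterable[Dict[str, str]]) -> List[Finding]:
    """Run check_order over an export and keep only the orders that fired."""
    return [f for f in map(check_order, orders) if f is not None]


# Constructed sample export: a clean order, an order carrying template syntax
# in the billing street, and a legitimate-looking order from a Tutanota address.
SAMPLE_ORDERS = [
    {"increment_id": "000000101", "customer_email": "jane.doe@example.com",
     "customer_firstname": "Jane", "customer_lastname": "Doe",
     "billing_street": "12 High Street", "billing_city": "Leeds",
     "billing_telephone": "01132 000000"},
    {"increment_id": "000000102", "customer_email": "order7731@protonmail.com",
     "customer_firstname": "John", "customer_lastname": "Smith",
     "billing_street": "{{var customer_name}} 1 Main St",
     "billing_city": "Nowhere", "billing_telephone": "0000000000"},
    {"increment_id": "000000103", "customer_email": "privacy.minded@tutanota.com",
     "customer_firstname": "Ana", "customer_lastname": "Lima",
     "billing_street": "Rua das Flores 5", "billing_city": "Porto",
     "billing_telephone": "+351 200 000 000"},
]

if __name__ == "__main__":
    for finding in scan_orders(SAMPLE_ORDERS):
        print(f"[{finding.severity.upper()}] order {finding.increment_id}")
        for reason in finding.reasons:
            print(f"    - {reason}")
```

Run it against a nightly export of new orders and alert on every high-severity finding; treat low-severity findings as context for manual review rather than as blocks, since many honest customers use privacy-focused mail providers.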

Use a backend (server-side) malware scanner to find past infections, in particular the remote access trojans (RATs) these attacks leave behind on the server; a scan of the public storefront alone will not see them.

You are Patched, but are you Secure?

Every Magento 2 and Adobe Commerce release that predates the February 2022 patches was exposed to this vulnerability, so assume your store was a target.

If your store was attacked before the patch was applied, a backdoor may already be installed, and patching does not remove it. Check for one before trusting the patched store.

Connect with ioVista’s Adobe Certified Experts to learn more about this vulnerability and keep your store up and running during the most important time of the year, the holiday season.

Albert Wood

Albert Wood is an accomplished eCommerce Business Analyst. As a technology futurist and sales motivator at ioVista, Albert is dedicated to transforming struggling eCommerce businesses into thriving enterprises. With a keen focus on clients’ business processes, user experience (UX), and leveraging the power of digital marketing, he helps businesses optimize their online presence and drive sustainable growth. Albert’s passion is for virtual reality (VR), augmented reality (AR), and mixed reality (MR), immersing himself in unforgettable experiences and exploring the limitless possibilities they offer. His enthusiasm for these emerging technologies fuels his drive to push the boundaries of innovation in eCommerce.
