« previous next »
Pages: [1]   Go Down

Author Topic: Another website with Magento CMS and security issues...  (Read 1521 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Another website with Magento CMS and security issues...
« on: July 15, 2018, 08:52:28 PM »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Another website with Magento CMS and security issues...
« Reply #1 on: July 15, 2018, 09:52:15 PM »
And again the main threat here lies within that PHP-based CMS,
namely this website's Magento CMS is vulnerable to credit card jacking:
https://www.magereport.com/knowledgebase/how-to-fix-credit-card-hijack
Also read: https://www.byte.nl/blog/widespread-credit-card-hijacking-discovered

And then lack of cross origin integrity validation is not helping much to protect in this respect,
when CMS patches are not being applied also. Info credits go to gwillem.
Hopefully collector servers for this card jacking's remote locations have been taken down by Dutch Cyber Security Forces.

polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Another website with Magento CMS and security issues...
« Reply #2 on: July 15, 2018, 11:32:54 PM »
A further error report -> (script) -magentocore.net/mage/mage.js
     status: (referer=wXw.ajinca.com/index.php?m=content&c=rss&catid=10)saved 8768 bytes 1ce93fbd2e18f064d1681fbb0a701fcad40492e8  * see the attached obfuscated code presented as a harmless txt file

error
Quote
-www.ajinca.com/media/magentothem/default/loader.gif
     info: [decodingLevel=0] found JavaScript
     error: undefined variable Mage
     error: undefined variable Mage.Cookies
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var Mage.Cookies = 1;
          error: line:1: ....^
     error: line:3: SyntaxError: missing = in XML attribute:
          error: line:3: <!DOCTYPE html PUBLIC "-/W3C/DTD XHTML 1.0 Strict/EN" "http:/www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
          error: line:3: ...............^
&
Quote
  [embed] wXw.ajinca.com/media/js/
     info: [decodingLevel=0] found JavaScript
     suspicious: maxruntime exceeded 10 seconds (incomplete)

Interesting isn't it? Bitdefender's Traffic Light blocks the -magentocore.net/mage/mage.js code as a PHISHING attempt!

polonus
« Last Edit: July 15, 2018, 11:41:14 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »