As per the latest news, Magento has confirmed that the platform has faced a rigorous malware attack lately which resulted in affecting its 5000 end-users. The malware is reported to be named as MagentoCore which simply unveils the passwords. This malicious malware was designed with the motive to compromise the stores running on the Magento platform.
Why Magento?
We all know the fact how Magento has built its reputable place in the eCommerce industry. Along with advanced features and frugal accommodations, it became the top choice of the store owners. Meanwhile, Magento also became the preferred cull of malware.
Magento spokeswoman quoted, “We’re committed to ensuring the security of our customers and encourage all merchants to stay up to date on security patches“. She also said,” Merchants should sign up for the Magento Security Scan Tool and schedule regular scans of all of their domains. This free tool allows merchants to monitor their sites for security risks, [including vulnerability] to brute force attacks. The Security Scan Tool also monitors for malware.”
Magento, being an Open Source Platform sanction its users to share their custom features as per their individual requisites. The platform even allows the Store Admin to tweak the existing features on their own as transparency exists in the source code. Lately, Magento 1 support has been increased until June 2022. Though many e-merchants are migrating to Magento 2 platform, there is still a sizable base for Magento 1. So, it would be better that Magento soon comes up with any solution for this issue.
In Magento 2.2.6 more than 25 critical security vulnerabilities have been patched. Hence to stay protected from hacks businesses can update to the latest version.