16 march 2016 Magento team released new security announcement.
They have a report of a malicious code that is intended to capture information from all fields of the checkout process. It can grab credit card information.
Hackers use Admin or database access to introduction the exploit. Magento Team do not have exact information on how the attackers are gaining Admin access.
Attacker guesses weak passwords and unpatched sites and uses Admin account. It malware may have set up before a target site was patched.
The hack Credit card Hijack is malicious code in Magento that allows hackers to intercept financial data, such as credit card credentials.
With this new attack, credit cards are captured unencrypted and continuously. With this new way of hacking, malware is added in the browser of your websites’ visitors. This malware intercepts the credit card credentials the moment your customer types them in their browser.
Developers found out that amount of 3500 Magento stores are part of a zombie network that grab credit card credentials.
This article was written over 4 month ago. It further explains what this security breach means, what the consequences are and how you can fix it.
Magento developers recommend users run a scan
However now Magento developers recommend users run a scan on magereport to check if you are at risk for a “Credit Card Hijack” and attentively check if you have any unknown or unauthorized Admin accounts.
You can review your code for the malicious code. Developers indicate that the malware typically includes the text, “onepage | checkout” and resides in one of two places
Admin->Configuration->General->Design->HTML Head->Miscellaneous Scripts
Admin->Configuration->General->Design->Footer-> Miscellaneous HTML
If you are infected, please take immediate steps to remove this code.
You should also remove any unknown Admin accounts and update all Admin passwords.
This blog is related for Magento checkout process. With Checkout extension you can offer your customers dramatically reducing all the six steps of default checkout in to one.