CyberNews Briefs

Two hacking groups responsible for huge spike in hacked Magento 2.x stores

New research by Sanguine Security shows that cyberattacks on websites relying on e-commerce content management system (CMS) Magento are surging due to increased activity by two hacking groups. The number of hacked websites using Magento 2.x has been doubling every month since March of this year.

The campaigns are exploiting “PRODSECBUG-2198,” a critical SQL injection vulnerability that makes it possible for threat actors to take control of websites that have not installed the security update for this flaw, which was released in March. One threat actor accounts for 70% of breached Magento sites, while a second hacking group is behind 20% of breaches.

Read more: Two hacking groups responsible for huge spike in hacked Magento 2.x stores

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.