Security researchers said Monday that hundreds of e -commerce sites, which are owned by at least one major multinational company, were backed by malware, which performs malicious code within visitors’ browsers, where the payment can steal card information and other sensitive data.
The infection supply is the result of a chain attack that compromised with Malware with at least three software providers who have been inactive for six years and have been mobilized in the last few weeks. At least 500 e -commerce sites that rely on backdoor software were infections, and it is possible that the actual number is doubled, researchers of the security firm Sansk Said.
Among the compromised consumers was a $ 40 billion multinational company, named Sansk. In an email on Monday, an representative of Sansk said “World Reconciliation [on the infected customers] Limited. “
Code execution on visitors’ machines
Thousands or millions of people coming to the affected areas affected by the supply chain attack poses a significant threat, as it allows the attackers to implement their choice code on e -commerce site servers. From there, server visitor operates information stealing codes on machines.
The representative wrote, “Since the backdoor allows the discretion of the PHP code to be uploaded and implemented, the attackers have a remote code (RCE) and they can do anything they want.” “Almost All Adobe Commerce/Magneto violations that we observe, followed by backdoor schemeing software that runs in the user’s browser and steals payment information (Majestic).”
Three software suppliers identified by Sansk were Tigran, Majsoloshan (MGS), and Matnishi. All three supply software that is based on MagentoAn open source e -commerce platform used by thousands of online stores. A software version sold by the fourth provider named Welt Pixel has been affected by a similar code at some of its users’ stores, but Sansk has so far failed to confirm whether it was stores or Welt Pixel that was hacked. Adobe is owned by Magnito since 2018.