Fake Payment Method Added in Magento Store - Credit Card Info Getting Leaked

Today, when businesses and buyers have found the common ground-The e-commerce space. Online shopping has become the most natural phenomena around. And CMS (Content Management System) like Magento, is one thriving software in this niche. However, it has resulted in it becoming the unfortunate target of cyber attacks. Well, credit card hacks in Magento is not something unheard-of. Adding to its previous list of attacks, a new case of Credit Card Hack in Magento has come to light.

Indicators of the Credit Card Hack

In the past, we have repeatedly seen credit card hacks in the top e-commerce CMS(s) like Opencart & Prestashop. In these kinds of hacks, the hacker either adds a new payment method or plants a fake payment form. These tricks let him fish valuable credit card info.

This particular hack was disclosed when one of Magento users reported to us that something fishy was going on with his website’s payment gateway. When our engineers, scanned the website, they found that it indeed was hacked.

Fake Form Added in Magento Store Checkout Page

Below is a picture of the fake form added by the hacker. The right side of the image shows a mandatory form with another set of details like name, credit card number, etc. The details inserted in this form would get transmitted to the hacker.

Hacker inserted fake payment for in Magento store

Astra’s Magento Malware Scanner

After getting the first hint from the user, engineers at Astra ran malware scanner on the customer’s website without delay. This scan also had something to reveal, it showed the exact places/files which were infected. In this particular case, the malware was found in the JS file.

Magento Malware Scanner

Malicious Codes found

Our ethical hacking team then went deeper and found that the hacker had abused several lines of codes to trespass the security.

The following picture shows the compromised codes.

Malicious Code

Is your Magento website hacked? Send us a message in the chat widget, and we will be happy to help.

Credit Card Hack Prevention Methods

Of course, our security team removed the malware manually from the website. And then restored it to its healthy state with enhanced security settings in place.

You can do the following to check and remove the credit card hack from your websites.

Related Article- Malicious Magento script stealing credit card details from hacked websites

Install Security Patches by Magento

Magento releases timely security patches for its users to install. Do not lag behind in installing them. Upgrading your store to the latest version can be your life savior.

Rename Admin Folder

Renaming the folder will make it difficult for attackers to find it. Moreover, you can make use of .htaccess to prohibit access to the login folder by IPs other than that of the Admin.

Protect Catalogue

.htaccess can also be used to protect catalogue and sensitive files like .txt, .twig, etc. File match will do the job.

Set Strict Folder Permission

Restricting files, folders, and subfolders in a way that only the admin can access will add to your security hugely.

Set Strict File Permission

Set file permissions for sensitive files to 644 or 444. Having this permission will restrict everyone other than the admin to write/modify it. Some sensitive files are:

  • config.php
  • index.php
  • admin/config.php
  • admin/index.php
  • system/startup.php

Related article- How to Remove Magento Credit Card Malware Hack?

Conclusion

Given the number of attacks that are reported in e-commerce sites on a daily basis, we can say that e-commerce is the coveted space by hackers. It also corroborates the fact that it needs to be more secure than others. To guard your store against credit card hacks, make sure your website is upgraded and all the important files out of reach. In case you are not able to solve this on your own, Astra Security is here.

Astra’s Firewall prevents your website from SQLi, XSS, bad bots, and 100+ security threats. Our Malware Scanner scans a website in 10 minutes the first time and takes less than a minute for the subsequent scans. This Scanner could be availed on demand by the user. VAPT (Vulnerability Assessment & Penetration Testing) at Astra makes sure no coding fault/malware is left on your website.

How Astra Firewall Secure your Magento Store

Get an Astra demo now!

Waiting to Get Hacked?

Get security tips & latest vulnerability fixes right in your inbox:

About The Author

Aakanchha Keshri

A tech enthusiast. She loves to learn and write about CMS security. And a Potterhead.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close