911 Hack Removal

Fake Payment Method Added in Magento Store – Credit Card Info Getting Leaked

Updated on: March 29, 2020

Fake Payment Method Added in Magento Store – Credit Card Info Getting Leaked

Article Summary

In this attack, the hacker either adds a new payment method or plants a fake payment form. These tricks let him fish valuable credit card info. This particular hack was disclosed when one of Magento users reported to us that something fishy was going on with his website’s payment gateway. When our engineers, scanned the website, they found that it indeed was hacked.

Today, when businesses and buyers have found the common ground-The e-commerce space. Online shopping has become the most natural phenomena around. And CMS (Content Management System) like Magento, is one thriving software in this niche. However, it has resulted in it becoming the unfortunate target of cyber attacks. Well, credit card hacks in Magento is not something unheard-of. Adding to its previous list of attacks, a new case of Credit Card Hack in Magento has come to light.

Indicators of the Credit Card Hack

In the past, we have repeatedly seen credit card hacks in the top e-commerce CMS(s) like Opencart & Prestashop. In these kinds of hacks, the hacker either adds a new payment method or plants a fake payment form. These tricks let him fish valuable credit card info.

This particular hack was disclosed when one of Magento users reported to us that something fishy was going on with his website’s payment gateway. When our engineers, scanned the website, they found that it indeed was hacked.

Fake Form Added in Magento Store Checkout Page

Below is a picture of the fake form added by the hacker. The right side of the image shows a mandatory form with another set of details like name, credit card number, etc. The details inserted in this form would get transmitted to the hacker.

Hacker inserted fake payment for in Magento store

Astra’s Magento Malware Scanner

After getting the first hint from the user, engineers at Astra ran malware scanner on the customer’s website without delay. This scan also had something to reveal, it showed the exact places/files which were infected. In this particular case, the malware was found in the JS file.

Magento Malware Scanner

Malicious Codes found

Our ethical hacking team then went deeper and found that the hacker had abused several lines of codes to trespass the security.

The following picture shows the compromised codes.

Malicious Code

Is your Magento website hacked? Send us a message in the chat widget, and we will be happy to help.

Credit Card Hack Prevention Methods

Of course, our security team removed the malware manually from the website. And then restored it to its healthy state with enhanced security settings in place.

You can do the following to check and remove the credit card hack from your websites.

Magento credit card hack

Related Guide – Complete Step by Step Guide to Magento Security (Reduce the risk of getting hacked by 90%)

Install Security Patches by Magento

Magento releases timely security patches for its users to install. Do not lag behind in installing them. Upgrading your store to the latest version can be your life savior.

Rename Admin Folder

Renaming the folder will make it difficult for attackers to find it. Moreover, you can make use of .htaccess to prohibit access to the login folder by IPs other than that of the Admin.

Protect Catalogue

.htaccess can also be used to protect catalogue and sensitive files like .txt, .twig, etc. File match will do the job.

Set Strict Folder Permission

Restricting files, folders, and subfolders in a way that only the admin can access will add to your security hugely.

Set Strict File Permission

Set file permissions for sensitive files to 644 or 444. Having this permission will restrict everyone other than the admin to write/modify it. Some sensitive files are:

  • config.php
  • index.php
  • admin/config.php
  • admin/index.php
  • system/startup.php

Related article- How to Remove Magento Credit Card Malware Hack?

Conclusion

Given the number of attacks that are reported in e-commerce sites on a daily basis, we can say that e-commerce is the coveted space by hackers. It also corroborates the fact that it needs to be more secure than others. To guard your store against credit card hacks, make sure your website is upgraded and all the important files out of reach. In case you are not able to solve this on your own, Astra Security is here.

Astra’s Firewall prevents your website from SQLi, XSS, bad bots, and 100+ security threats. Our Malware Scanner scans a website in 10 minutes the first time and takes less than a minute for the subsequent scans. This Scanner could be availed on demand by the user. VAPT (Vulnerability Assessment & Penetration Testing) at Astra makes sure no coding fault/malware is left on your website.

How Astra Firewall Secure your Magento Store

Get an Astra demo now!

Was this post helpful?

Tags: , ,

Aakanchha Keshri

Aakanchha is a technical writer and a cybersecurity enthusiast. She is an avid reader, researcher, and an active contributor to our blog and the cybersecurity genre in general. To date, she has written over 200 blogs for more than 60 domains on topics ranging from technical to promotional. When she is not writing or researching she revels in a game or two of CS: GO.
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments

Psst! Hi there. We’re Astra.

We make security simple and hassle-free for thousands
of websites and businesses worldwide.

Our suite of security products include firewall, malware scanner and security audits to protect your site from the
evil forces on the internet, even when you sleep.

earth spiders cards bugs spiders

Made with ❤️ in USA France India Germany