Category Archives Magento Security

Opencart Magento website redirecting to malware sites

An OpenCart & Magento malware redirecting both desktop and mobile websites to malicious links has been doing rounds. Since last week we have encountered several cases of this malware. There are no specific versions which are being targeted as we have seen this infection in a wide range of versions in both Magento & OpenCart. Also, check our in-detailed blog…

Magento SUPEE-10266 and New Versions: Update Immediately

Magento, one of the most favored e-commerce platforms, is often a target for cyber-criminals. Its huge popularity owes to its strict security practices, a timely update of system core and immediate fixes to security issues. Magento's latest security update contains multiple security enhancements. These updates relate to the Magento Open Source (formerly Community Edition) and Magento Commerce (formerly Enterprise Edition).…

When it comes to empowering retailers and brands, Magento is one of the most widely used e-commerce platforms. However, with great power comes greater responsibility of adhering to security practices for safe e-commerce businesses. On the contrary, Magento is one of the highest targeted e-commerce platforms for credit card fraud and user credential theft, with a staggering 62% of stores…

Magento Amasty RMA Plugin

About Amasty RMA Extension Vulnerabilities During a security audit engagement with a client using Magento, our engineers discovered a few critical vulnerabilities in Amasty RMA extension. The first vulnerability allows a hacker to upload malicious files on the server. Since php files can also be uploaded, a hacker can easily upload malicious shells like c99, r57, anishell etc to the…

15 Signs Your Website Has Been Hacked

Most customers discover that their website is hacked on seeing the 'Red Screen of Death' by Google or when a customer tells them. This can be dangerous because it means your website has been infected for a long time and may have damaged your website's reputation and privacy. Websites have become central to all businesses these days. They handle everything from e-Commerce…

OpenCart Magento Malware Infections

Last week was quite a busy one for our team. We tackled a number of website hack cases. A number of instances were of malware infections, websites getting blacklisted by Google and even getting defaced by hackers. Statistically, majority of these cases were from OpenCart followed by Magento. The top three OpenCart & Magento malware infections/attack vectors found were: The…

Recently, we published an update on a severe Magento vulnerability which was released by the DefenceCode team. Soon after Bosko Stankovic (the Defensecode researcher who discovered this Magento vulnerability) released a follow-up article. Bosko confirms that Magento would be patching these in the upcoming updates. Through this article, Astra aims to explain the severity of these vulnerabilities, and how one needs to…

Japanese SEO Spam/Keyword Hack Many website owners have contacted us worried about Japanese SEO Spam or Japanese Keyword Hack in Google search results for their websites. This happens when different web pages are shown to search engines and normal visitors. This particular Blackhat SEO technique hijacks Google search results by displaying Japanese words in the title and description of the infected…

Close