Details about Russian (.ru) email id hack in Magento
Recently, bots have been targeting Magento e-commerce stores by adding 1000s of fake accounts with .ru in the email address. Such bots have been seen creating anywhere between 4,200 and 10,000 fake Magento accounts in a month.
Code to check for Fake .ru Magento accounts
You can run the following MySQL query to check for fake accounts and ensure that they haven't ordered before.
-- Accounts with a .ru address, no saved address and no orders (Magento 1 schema).
-- Addresses link to a customer through customer_address_entity.parent_id.
SELECT ce.entity_id, ce.email, ce.updated_at, ce.store_id, ce.group_id AS gid
FROM customer_entity ce
LEFT JOIN customer_address_entity cae ON cae.parent_id = ce.entity_id
WHERE cae.entity_id IS NULL
AND ce.email LIKE '%.ru'
AND ce.entity_id NOT IN (SELECT sfo.customer_id FROM sales_flat_order sfo WHERE sfo.customer_id = ce.entity_id)
ORDER BY ce.entity_id DESC;
How to delete Fake Magento customer accounts
Once these records are fetched in your phpMyAdmin window, you can delete the entity_ids from all the customer tables.
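One way to carry out that deletion so it can be reviewed and undone, as an added example that is not from the original page. It assumes the Magento 1 tables customer_entity, customer_address_entity (linked to the customer by parent_id) and sales_flat_order on InnoDB; fake_ru_customers and customer_entity_fake_backup are hypothetical names.

```sql
-- Added example, not the page's own code. fake_ru_customers and
-- customer_entity_fake_backup are hypothetical names chosen for this example.

-- 1. Stage the candidate ids once, so the review and the delete use the same set.
CREATE TEMPORARY TABLE fake_ru_customers (entity_id INT UNSIGNED NOT NULL PRIMARY KEY)
SELECT ce.entity_id
FROM customer_entity ce
WHERE ce.email LIKE '%.ru'
  AND NOT EXISTS (SELECT 1 FROM customer_address_entity cae
                  WHERE cae.parent_id = ce.entity_id)
  AND NOT EXISTS (SELECT 1 FROM sales_flat_order sfo
                  WHERE sfo.customer_id = ce.entity_id);

-- 2. Review before deleting: how many accounts, and over what period.
--    A real .ru customer who never ordered or saved an address also matches.
SELECT COUNT(*) AS candidates,
       MIN(ce.created_at) AS first_seen,
       MAX(ce.created_at) AS last_seen
FROM customer_entity ce
JOIN fake_ru_customers f ON f.entity_id = ce.entity_id;

-- 3. Keep a copy of the rows. CREATE TABLE commits implicitly,
--    so run it before opening the transaction.
CREATE TABLE customer_entity_fake_backup AS
SELECT ce.*
FROM customer_entity ce
JOIN fake_ru_customers f ON f.entity_id = ce.entity_id;

-- 4. Delete inside a transaction.
--    Assumption: rows in child tables such as customer_entity_varchar are
--    removed only if their foreign keys are ON DELETE CASCADE
--    (check with SHOW CREATE TABLE customer_entity_varchar).
START TRANSACTION;

DELETE ce
FROM customer_entity ce
JOIN fake_ru_customers f ON f.entity_id = ce.entity_id;

SELECT ROW_COUNT() AS deleted_rows;  -- compare with "candidates" from step 2

-- COMMIT;    -- run when deleted_rows matches the reviewed count
-- ROLLBACK;  -- run otherwise
```

Take a full database backup first; the backup table in step 3 covers only customer_entity.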
How to prevent Magento fake account creation
- Since the bots are capable of creating 1000s of accounts per second, you could use Astra for rate limiting web requests to the account creation form
- A Google reCAPTCHA would also prevent this hack
Follow our Magento Security Guide to secure your store in real time against malware attacks.
This information is provided as part of the Astra community project. All information should be considered as-is, without guarantees. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement. If you are an owner of some content and want it to be removed, please mail to [email protected]