Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Neutrino EK Targets Magento Websites

According to Sucuri, the security firm situated in Delaware, USA; malware has infected the websites operating Magento name of an e-commerce platform, while taking victims onto Neutrino the attack toolkit, published pcworld.com dated October 18, 2015.

Senior Malware Researcher Denis Sinegubko at Sucuri wrote that it wasn't really clear what way infection caught the Magento websites. Pcworld.com published this.

Sinegubko further wrote that currently it could be said that certain security flaw within Magento else a third-party extension was behind the infection to websites counting in thousands, in a short period.

The infected Magento websites were maligned for downloading material from a Google blacklisted domain into some iframe, wrote Sinegubko.

Infecting over 7,800 websites, the malevolent domain also came to the notice of Malwarebytes another security firm, in reference to the Neutrino attack toolkit. Pcworld.com published this.

Cyber-attackers plant attack toolkits on authentic web-pages. If any surfer encounters it during the process of browsing in the usual manner then an investigation of the PC starts by the toolkit to find software flaws while incase there's one, the toolkit quietly plants malware.

According to Senior Protection Researcher Jerome Segura at Malwarebytes, the problem creating domain which Sucuri had observed happened to be the one that shoppers searching the Web encountered as Malwarebytes saw it. Buzzteller.com reported this, October 19, 2015.

Web-surfers in the present time who land on the hijacked websites having the iframe had previously been rebounded through the means of various domains that consisted the problem creating one too, which Malwarebytes and Sucuri noticed.

Segura wrote the final web-addresses associated with Neutrino attack toolkit that thrust one Flash exploit as well as installed the Gamarue or Andromeda malicious program. According to him, hijacked equipment could be used to get financial credentials while it could further be added to a massive botnet.

Elsewhere Sinegubko wrote about websites running Magento that they should essentially ensure that every key extension and chief documents are updated. Buzzteller.com reported this.

According to Sinegubko, as the flaw allowed admission into user's database, hackers were in a position to generate damaging administrator consumers; therefore, evaluating one's website consumers would be good idea.

ยป SPAMfighter News - 10/26/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page