mage.jpg malware
<span class="text">app/Mage.php</span>) intercepts payment details such as credit card numbers and billing addresses, it encrypts the data and saves it as a fake mage.jpg file in the Magento root directory. This file can later be downloaded, decrypted, and used for no good. The malware even includes a clever way for the hackers to remotely delete the mage.jpg file after they’ve downloaded its contents. This way, they can reduce the trace left behind and thus the chances of being discovered. There are multiple ways that this – and other – malicious code could be injected into a Magento installation. In the article, SnapFast covers a few ways (think malicious third party modules or a compromised server) that would-be hackers could potentially use to inject this or similar malicious code into your Magento installation. If it has been a while you have verified the integrity and security of your Magento installation and its environment, this might be a good time to do it.
Your greatest possible competitive advantage can be your clients and the interactions they have with… Read More
Digital marketing KPIs are measurable values that marketing teams use to track progress toward desired… Read More
In today's digital age, fraud poses a significant threat to businesses of all sizes. As… Read More
Financial crimes continue to evolve and proliferate in our increasingly digital, global economy. From complex… Read More
In the highly competitive modern workplace, trust, and employee loyalty are crucial factors for long-term… Read More
In the ever-evolving world of small business developing and implementing effective marketing strategies is critical to… Read More
View Comments
The timing of this post is suspicious. This sounds like the kind of thing that could be a April Fool's joke, although based on the source article, it looks legitimate.
Unfortunately it's no joke. We had a client and their dev team stumble upon the issue a few days ago. Since then the same dev team has scanned a few of the other sites they manage and found the same malware in a handful of others. Thankfully we haven't detected it on any other of our customer's stores yet.
Ok, thanks for clarifying.