At least seven hacking groups are behind a massive surge in ‘TrojanOrders’ attacks targeting Magento 2 websites, exploiting a vulnerability that allows the threat actors to compromise vulnerable servers.
Website security firm Sansec warned that almost 40% of Magento 2 websites are being targeted by the attacks, with hacking groups fighting each other over control of an infected site.
These attacks are being used to inject malicious JavaScript code into an online store’s website that can cause significant business disruption and massive customer credit card theft during a busy Black Friday and Cyber Monday period.
The trend is expected to continue as we head towards Christmas when online shops are at their most critical and simultaneously most vulnerable time.
