A new SQL malware is targeting Magento online shops
Researchers and a guide to fix hacked websites
It seems that an SQL script is executed when a user makes a new order and even before a new page is rendered. The researcher Jeroen Boersma discovered the SQL malware and Willem de Groot was the first to analyze it.
Resources
- Willem de Groot blog post
- De Groot malware scanner
- A guide to clean an hacked Magento website
- Magereport service
- Security Affairs post