A new SQL malware is targeting Magento online shops

24 February 2017 Estimated reading time: 0 minutes PHP

It seems that an SQL script is executed when a user makes a new order and even before a new page is rendered. The researcher Jeroen Boersma discovered the SQL malware and Willem de Groot was the first to analyze it.

Resources

Willem de Groot blog post
De Groot malware scanner
A guide to clean an hacked Magento website
Magereport service
Security Affairs post

Tags: E-commerce