Kieran Murphy
read

magmiOrganisations utilising the Magmi mass importer for their Magento websites should be aware that we have been seeing escalating numbers of websites being compromised through this plugin.

The issue relates to the Magmi plugin being implemented insecurely, which enables an attacker to utilise the Magmi importing and file download capabilities to obtain arbitrary files from the site or load malware/web shells/backdoors into the “victim” website to:

  • Steal customer data.
  • Steal transaction data (credit/debit cards).
  • Modify the website.

How to Secure the Magmi Plugin on Your Magento Website

Securing the Magmi Plugin is simple and web admins are strongly encouraged to check that they have implemented strong authentication and access controls to the Magmi UI (more information on this can be found at http://wiki.magmi.org/index.php?title=Securing_Magmi_UI_access). Passwords chosen to secure the Magmi UI should be secure, ideally at least 12 characters in length and a combination of uppercase and lowercase letters, numbers and symbols.

The developer of Magmi has given feedback on this alert, and has given information on how to cleanup most compromised servers, as well as how to limit access to Magmi from a single machine and test vulnerability.

FGX-Web Alert and FGX-Web Protect clients have their websites monitored for malware and unauthorised changes, which will ensure that attacks such as these are identified and stopped quickly.

 

Subscribe to our Blog

Contact Us

Access cybersecurity advisory services

 

Kieran Murphy
Kieran Murphy

See All Articles
SUBSCRIBE

Subscribe to our blog

Security never stops. Get the most up-to-date information by subscribing to the Foregenix blog.