Magento Credit Card Hack

Yes once again Magento is being targetted for credit card fraud. According to Flashpoint, “attackers who are using brute-force password attacks to access administration panels to scrape credit card numbers and install malware that mines cryptocurrency.”
Why you ask?  Well the stealing credit card is obvious but the mining?  Well  Magento has a big footprint in terms of hosting needs and so does cryptocurrency mining.  So what better way than to steal that power from someone else.  Bit like “sharing”  your neighbor’s cable TV link. But not as innocuous.
But don’t worry too much.  Their efforts are simply brute-force attacks using common and known default Magento credentials.  These kind of attacks only work when user names are not changed from the default install. Of course they can also try other common admin users using simple automated scripts loaded with known credentials.  If you want to know how it works after that check the Flashpoint article.
What do you need to do?  Well they advise “to review CMS account logins and mitigate their exposure to brute-force attacks by enforcing the following password-hygiene practices:

  • Enforce organizational password complexity requirements.
  • Restrict users from recycling previously used passwords.
  • Enable two-factor authentication for sensitive systems, applications, databases, and remote access solutions.
  • Supply users with secure password managers to assist with password requirements.”