Slovenčina 
Čeština 
English 
Shqiptare 
Österreich 
België 
български 
Bosanski 
Українська 
Eesti 
Македонски 
Türkçe 
Deutsch 
Dansk 
Español 
Français 
Suomi 
Ελληνικά 
Hrvatski 
Magyar 
Schweiz 
Italiano 
Lietuvių 
Latviešu 
Nederlands 
Norsk 
Polski 
Português 
Română 
Srpski 
Slovenščina 
Svenska 
The Perfect Storm: Delayed Response Meets Vulnerability
A combination of factors is at the heart of this significant security breach. Adobe Commerce systems have been identified with a critical vulnerability. Numerous merchants have delayed the process of patching. Issues with the complete security of systems, even after updates have been implemented.
Adobe disclosed the vulnerability in June 2024 and released a hotfix in July, but by then, attacks were already ongoing. Automated attacks compromised cryptographic keys, which continued to be used even if stores were updated without key invalidation.
Seven hacker organizations contend for authority
Seven distinct hacker groups (like “Bobry,” “Polyovki,” and others) are competing to control these compromised stores. They use the stolen cryptographic keys to generate API tokens and insert malicious payment skimmers into checkout processes. Their attack methodology involves:
- Utilizing the CosmicSting vulnerability to obtain confidential cryptographic keys
- Using these keys to generate API authorization tokens
- Obtaining confidential customer information
- Incorporating malicious code (skimmers) into checkout processes
This competition has resulted in a peculiar situation in which multiple hacker groups repeatedly infiltrate and evict each other from the same compromised stores.
Source. Depositphotos
Road to Recovery
In order to mitigate this threat, cybersecurity professionals advise merchants that are affected to implement immediate measures:
- Upgrade to the most recent version of Magento or Adobe Commerce
- Invalidate and rotate outdated encryption keys
- Establish resilient malware and vulnerability monitoring systems
Future Prospects: Additional Attacks on the Horizon
Sansec, a cybersecurity firm, anticipates that the number of stores affected will continue to increase, despite these recommendations. According to their research, a startling 75% of Adobe Commerce and Magento installations were unpatched when the automated attacks commenced.
This ongoing vulnerability highlights the critical importance of preventative security measures in the e-commerce sector. The sophistication and persistence of cyber threats targeting these platforms are increasing in tandem with the expansion of online retail.
