Adobe announced yesterday plans to buy the Magento e-commerce platform for $1.68 billion. While the Magento brand is mostly known for the open source online store CMS of the same name, Adobe was mostly interested in Magento Commerce, an online-store-as-a-service platform.
Security researchers say they've identified at last 1,000 Magento sites that have been hacked by cybercriminals and infected with malicious scripts that steal payment card details or are used as staging points in the delivery of other malware.
Dutch malware experts have found a new malware strain that targets online shops running on the Magento platform, which can self-heal using code hidden in the website's database.
Nearly 6,700 online stores running on top of the Magento platform are infected with the Visbot malware that hides on web servers, steals credit card information, encrypts it, hides it inside an image, and sends the encrypted credit card data to a crook's servers afterward.
Web sites running the Magento eCommerce platform are currently being targeted by an attacker who infects them with a new ransomware called KimcilWare. This ransomware will encrypt all the data on the web site and demand $140 to $415 USD in order to get the data back.