Widespread Retail Hacks Exploit Adobe Commerce, Magento Vulnerabilities

A significant wave of cyberattacks beginning in the summer of 2023 has put the spotlight on vulnerabilities in Adobe Commerce and Magento software, resulting in the compromise of sensitive customer information across numerous online stores. Cybercriminals have meticulously exploited these vulnerabilities, employing digital payment skimmers to gain unauthorized access to critical data.

Extent of the Breach

The scale of this breach is alarming, with over 4,300 merchants falling victim to these cyberattacks, including prominent names such as Cisco and National Geographic. The attacks are noteworthy for their rapid escalation, peaking at a rate of five stores per hour. This infiltration underscores the need for robust cybersecurity measures in the e-commerce sector.

Vulnerability Details

Two key vulnerabilities are at the heart of this cyberattack campaign: CVE-2024-34102, also known as CosmicSting, and CVE-2024-2961. The CosmicSting flaw enables attackers to steal credentials and secret cryptographic keys, which in turn allows them to hijack customer data and insert payment skimmers. When combined with CVE-2024-2961, attackers gain the ability to execute code and install backdoors on servers, creating additional pathways for exploitation.

Attack Timeline and Discovery

The campaign’s discovery can be credited to security researcher Sergey Temnikov, who identified the threat and reported it to HackerOne in December 2023. Adobe was subsequently alerted in January 2024, and a patch to address these vulnerabilities was released in June. Despite this, many stores remained vulnerable due to the complex and technical nature of the remediation required to fully secure the affected systems.

Impacted Parties

Both minor and major online merchants have been targeted in these attacks. Attack groups like Ondatry have systematically exploited these vulnerabilities to steal data, exploiting weaknesses in the affected systems. The organizations that have fallen victim to these hacks must go through the painstaking process of manually invalidating stolen cryptographic keys to thwart further unauthorized access.

Remediation Efforts

In response to the vulnerabilities, Adobe rolled out a security update followed by a hotfix aimed at disabling old encryption keys. Nevertheless, the process is intricate and prone to errors, posing significant challenges for effective and timely implementation. This complexity has left many merchants grappling with ongoing security concerns, despite the availability of patches and fixes.

Overarching Trends and Consensus Viewpoints

Within the cybersecurity community, there is a consensus on the persistent threat posed by digital skimming attacks on e-commerce platforms. Experts underscore the urgent need for timely patching and rigorous key management practices to combat these threats. The growing sophistication of cybercriminals, coupled with their use of automated tools to exploit known vulnerabilities, has been a recurring theme in various cybersecurity incidents.

Summary of Main Findings

The CosmicSting vulnerability has led to widespread exploitation of Adobe Commerce and Magento stores, revealing critical weaknesses in widely used e-commerce platforms. Although efforts to patch these vulnerabilities are ongoing, many online merchants remain vulnerable due to the technical complexity of the required remediation steps. The financial and reputational damages from these breaches are substantial, highlighting the importance of robust cybersecurity measures and swift response actions.

Conclusion

Starting in the summer of 2023, a notable surge in cyberattacks has revealed critical weaknesses in Adobe Commerce and Magento software. These breaches have compromised sensitive customer information across a multitude of online stores, drawing significant attention to the issue. Cybercriminals have skillfully exploited these vulnerabilities, using digital payment skimmers to gain unauthorized access to crucial data. This wave of attacks highlights the urgent need for heightened security measures within e-commerce platforms. Businesses using Adobe Commerce and Magento must now prioritize updating their security protocols to protect both their operations and their customers’ personal information. The spotlight on these vulnerabilities underscores the importance of proactive cybersecurity practices. As cyber threats become more sophisticated, the capacity to safeguard digital transactions remains paramount. This situation serves as a wake-up call for online retailers to regularly test and fortify their defenses against potential breaches. Only through diligent effort can they ensure the safety of customer data in an increasingly digital marketplace.

Explore more

GNOME Extensions Significantly Reduce Linux Battery Life

The long-standing assumption that Linux distributions naturally outperform Windows in power management often crumbles when subjected to rigorous real-world battery testing on modern mobile hardware. While the core Linux kernel remains an engineering marvel of efficiency, the modern software landscape has introduced layers of complexity that frequently negate these inherent advantages. Desktop environments, which serve as the primary interface for

How to Install the macOS 27 Golden Gate Public Beta

The evolution of the Mac operating system reaches a pivotal moment with the release of the macOS 27 Golden Gate Public Beta, offering a glimpse into the next generation of computing. For enthusiasts and early adopters, this release represents more than just a seasonal update; it serves as a foundation for a new era of interaction between humans and hardware.

Is UiPath Stock a Genuine Bargain or a Value Trap?

The rapid evolution of robotic process automation into the sophisticated realm of agentic artificial intelligence has left many investors questioning whether pioneers like UiPath still hold a competitive edge in an increasingly crowded software market. While the company once dominated the landscape by automating repetitive tasks, the current technological shift demands a much deeper integration of cognitive capabilities that can

How Does the ClaudeFix Campaign Exploit Trust in AI?

As artificial intelligence platforms become central to daily productivity, threat actors have shifted their focus toward subverting the inherent credibility of these tools to facilitate sophisticated social engineering schemes. The emergence of the ClaudeFix campaign demonstrates an alarming evolution in cybercrime, where attackers no longer rely solely on poorly designed spoofed websites but instead leverage the legitimate infrastructure of major

Ransomware Costs Rise as Tactics Shift to Identity Theft

The digital extortion landscape has undergone a radical transformation as traditional file encryption loses its efficacy against organizations that have finally mastered the art of robust, offline backup solutions. While the initial ransomware wave relied on locking down systems to demand a fee, modern threat actors like LockBit and BlackCat have pivoted toward a more insidious strategy: stealing the very