Magento malware poses as a patch for a year-old vulnerability.
If you run a Magento-based online store, you may recall Securi's warning about an important update for the ecommerce software that fixed a bug that could allow attackers to take over a site.
The same company is now warning that the Bad Guys are taking advantage of a year-old Magento vulnerability in a very sneaky way - a fake version of Magento's SUPEE-5344 patch is circulating, and instead of patching the ecommerce software it is actually malware that exploits the vulnerability to purports to fix!
The malware is able to steal customers' login credentials and other information. It also allows the modification of various files, which could be used to extract the payment information (ie, credit card details) when customers place orders.
So if you are still using a version of Magento that was released before February 2015, make sure the real SUPEE-5344 patch has been applied. And ask yourself why you're using an out-of-date and insecure version of the software for such an important function.
Securi's description of the fake patch includes some tips for maintaining the security of Magento sites.
And if you're a buyer rather than a seller, the same article has some tips for safer internet shopping.