We have identified a PrestaShop vulnerability that affected around 200 shops worldwide.
We advise you to take action, by ensuring your business against it.
In the last few months, we saw a significantly higher rate of hacked Prestashops even though the system is well known for the security that offers. If in the past 10 years we had only a few cases (3-4) of hacked shops in the Prestashop field, in the last 4 months we had over 10 requests either to analyze or fix the hacked store.
The main objective of these hacks is to inject JavaScript skimmers onto checkout pages on e-commerce websites.
In order to carry out this attack, hackers gained access to websites, either directly or through third-party services, and then injected malicious JavaScript to steal the information that customers type into online payment forms, which are generally seen on checkout pages.
Online businesses typically lack visibility into their web-facing attack surfaces, which are exploited by hackers. The victims frequently aren't aware that the JavaScript on their website has been altered, allowing the malicious code to remain there indefinitely. In supply-chain assaults, it's typical for the victim to be unaware of the danger posed by the hacked third-party JavaScript on their website or that they are executing code from the compromised supplier.
The hackers altered the checkout page and replaced the standard credit card form with their own one.
The following examples show the various issues this could have caused:
- Theft of personal information: while credit card information is the main objective of these assaults, thieves can also steal personal information. Millions of consumers could potentially be impacted by this.
- Revenue loss: Online sales for a small- to medium-sized eCommerce retailer that was previously violated by these attacks may decline significantly. Customers might stop trusting the retailer's capacity to stop future breaches as a result.
- Additional infection: If a hacker group steals administrator and user login information, they may be able to extend the attack and infect more websites. For instance, a hacker group can compromise not just the primary site but also the secondary sites of a brand.
- Legal damages: A hacker attack exposes a business to customer lawsuits, legal consequences if the business is subject to legislation like GDPR, and industry penalties like a PCI DSS audit and the inability to take credit cards.
What can be done?
- Run a thorough check of the shop files for intrusion and identify any unwanted modifications
- The execution of the compromised files can be prevented by deploying Imunify on the server.
- We used Clarity Module Pro extensively to locate the problems and determine whether or not card information had been compromised.
- Enabling double authentication for the admin panel would be recommended.
The above-mentioned options have a one-time fee of 200 EUR and a monthly cost of 15 EUR.
Preventing a problem is always preferable to treating it. We strongly advise taking the above-mentioned precautions to keep your store secure.