Attacks are likely using Admin or database access to implement the exploit. It appears most impacted sites have not implemented the February 2015 Shoplift patch, or the patch was implemented after the site was already compromised. Attackers can also gain Admin access due to weak passwords, phishing, and other unpatched vulnerabilities. More information about this malicious code is available on the Magento Security Center.
All merchants should take this opportunity to make sure that their sites are secure. We recommend that you:
- Scan your site with a tool like magereport.com
- Apply all patches available on the Community Edition Download Page and in MyAccount
- Check for any unknown files in the system
- Review and remove all unknown Admin accounts
- Change all remaining Admin passwords to strong ones (e.g., they should be long, and include symbols, upper and lower case letters, and numbers)
- Follow security best practices outlined in the Magento user guides
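
For the "unknown files" check in the list above, one approach is to compare the live webroot against a freshly extracted copy of the same Magento release. The script below is an added example, not Magento's or Reliable Penguin's own tooling; the function name `audit_webroot`, the two directory arguments, and the treatment of `media/` and `var/` as data-only directories are assumptions.

```shell
#!/usr/bin/env bash
# Added example: audit a live Magento webroot against a clean copy of the
# same release. Assumes a clean tree has been extracted next to the live one.
# File names containing newlines are not handled.

# Usage: audit_webroot CLEAN_DIR LIVE_DIR
# Prints one line per finding:
#   NEW <path>                 file exists in LIVE but not in CLEAN
#   CHANGED <path>             file content differs from CLEAN
#   SCRIPT_IN_DATA_DIR <path>  PHP-type file under media/ or var/
audit_webroot() (
    clean=$1
    live=$2
    # List live files with paths relative to the webroot, in a stable order.
    ( cd "$live" && find . -type f | LC_ALL=C sort ) | while IFS= read -r f; do
        rel=${f#./}
        case "$rel" in
            media/*|var/*)
                # Assumption: these directories hold uploads, cache and logs,
                # so new files are normal but executable scripts are not.
                case "$rel" in
                    *.php|*.php5|*.phtml|*.pht)
                        echo "SCRIPT_IN_DATA_DIR $rel" ;;
                esac
                continue ;;
        esac
        if [ ! -f "$clean/$rel" ]; then
            echo "NEW $rel"
        elif ! cmp -s "$clean/$rel" "$live/$rel"; then
            echo "CHANGED $rel"
        fi
    done
)

# Run stand-alone as: ./audit.sh /path/to/clean /path/to/live
if [ "$#" -eq 2 ]; then
    audit_webroot "$1" "$2"
fi
```

Site configuration, installed extensions and themes will also be reported as NEW or CHANGED, so each line is a file to review against what you know you deployed, not a verdict.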
If you need assistance with your store, please contact Reliable Penguin at firstname.lastname@example.org or 866-649-7984.