
Brace yourselves: Exploit published for serious Magento bug allowing card skimming [Updated]




SOURCE: https://arstechnica.com/information-technology/2019/03/severe-magento-bug-opens-300k-commerce-sites-to-card-skimming-attacks/
Summary

Attack code was published on Friday that exploits a critical vulnerability in the Magento e-commerce platform, all but guaranteeing it will be used to plant payment card skimmers on sites that have yet to install a recently released patch.

PRODSECBUG-2198 is a SQL injection vulnerability that attackers can exploit with no authentication required. To be fully protected against all vulnerabilities, sites will have to upgrade to Magento Commerce or Open Source 2.3.1 or 2.2.8.

In an emailed statement, Magento officials wrote: "As the majority of exploits tend to target software installations that are not up-to-date with the latest security updates, we always strongly recommend that users install security updates as soon as they are available. More information can be found here: https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update."

Montpas said Magento site administrators can check whether their site has been targeted by PRODSECBUG-2198 exploits by checking the access_log file for multiple hits to the following path:

/catalog/product/frontend_action_synchronize

A small number of hits to that path may indicate a legitimate request, but more than a couple dozen hits from the same IP address in a few minutes should be considered suspicious.

This post was originally published on 3/28/2019, 2:58 PM.

As said here by Dan Goodin
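The log check Montpas describes, written out as an added example (not code from the article, Sucuri or Magento): it parses Apache/nginx "combined" access-log lines (an assumed layout), counts hits to the path per client IP with a sliding time window, and flags clients that reach the threshold. The threshold of 24 hits and the 5-minute window are assumptions standing in for "a couple dozen hits in a few minutes"; the sample log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Path the article says exploit attempts against PRODSECBUG-2198 hit repeatedly.
SUSPICIOUS_PATH = "/catalog/product/frontend_action_synchronize"
# Apache/nginx "combined" access-log layout (assumed): ip ident user [ts] "METHOD path proto" ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*"')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (ip, timestamp, path without query string), or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), TS_FMT)
    return m.group("ip"), ts, m.group("path").split("?", 1)[0]


def find_suspicious_ips(lines, threshold=24, window=timedelta(minutes=5)):
    """Return {ip: peak hits} for clients whose hits to SUSPICIOUS_PATH inside any
    single `window` reach `threshold` (both values are assumptions, see lead-in)."""
    hits = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed and parsed[2] == SUSPICIOUS_PATH:
            hits[parsed[0]].append(parsed[1])
    flagged = {}
    for ip, times in hits.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):  # sliding window over sorted timestamps
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[ip] = peak
    return flagged


def _line(ip, when, path):
    return f'{ip} - - [{when.strftime(TS_FMT)}] "POST {path} HTTP/1.1" 200 512 "-" "Mozilla/5.0"'


# Constructed sample log: one client hammering the path every 5 s, one with two hits 10 min apart.
_T0 = datetime(2019, 3, 29, 10, 0, 0, tzinfo=timezone.utc)
SAMPLE_LINES = (
    [_line("203.0.113.7", _T0 + timedelta(seconds=5 * i), SUSPICIOUS_PATH) for i in range(30)]
    + [_line("198.51.100.2", _T0 + timedelta(minutes=10 * i), SUSPICIOUS_PATH) for i in range(2)]
    + [_line("198.51.100.2", _T0, "/checkout/cart/")]
)
```

Calling `find_suspicious_ips(SAMPLE_LINES)` returns `{'203.0.113.7': 30}`: the client with two widely spaced hits is left alone, as the article's guidance suggests.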