Three weeks ago, it became apparent that approximately 20 frequently used Magento modules contained a safety leak. It turned out that the leak is heavily used by a hacker group named Magecart. We immediately reacted by implementing a configuration change to offer an initial protection for these vulnerable modules. Since the implementation, Hypernode blocked a shocking number of nearly 100,000 hack attempts.
If you use one of these vulnerable modules, you have to patch the module(s) as soon as possible (if there is one available) or, if necessary, temporarily switch them off. For more background information and a list of the vulnerable modules, see the article written by Willem de Groot, security researcher and founder of Hypernode.
Talking Hypernode numbers
Due to the effort of the Magento community, it soon became clear which routes the hackers took. By blocking these routes, we were able to turn down a large number of the hacking attempts on server level. Because all Hypernodes have the exact same configuration, our platform makes it possible to quickly set up a security blockade for these threads. This in contrast to other hosting providers that do not use the same level of standardization and automation.
– Due to our server configuration change, hack attempts were blocked on 689 Hypernodes.
– In total, 93,433 hack attempts have been blocked.
– On every Hypernode, between 1-200 hack attempts have been blocked.
– On one Hypernode we managed to avert more than 5000 hack attempts.
What do these results say?
- Every shop is vulnerable and every shop is interesting for hackers. It is foolish to think that hackers will skip the smaller shops. These kind of hacks are fully automated and executed worldwide. (Check for instance this example from Infowars)
- Hypernode is one of its kind in terms of security. We have implemented countless of these types of server side fixes with which we protected shops for all kinds of known and unknown security issues. Because Hypernode believes in the power of standardization and automation, we can apply these kind of security fixes as the fastest hosting provider in the world for 2,000+ Magento shops at once.
- But, and this is really important, this server fix does not solve the entire problem. Therefore it is essential to update/patch or temporarily switch off the concerning modules as quickly as possible.
Do you want to check if your shop is vulnerable? We have added a number of checks on MageReport!