Fix Hacked Magento

For the last few months, I have been discussing how to resolve hacks with various Wordpress sites and tips to not only remedy these issues, but also how to maintain your website security going forwards. First things first, I hate hackers. Not all hackers of course, just those who cause harm to innocent people trying to make a living. They’re bastards to put it bluntly. For the last few weeks I have had people trying to hack into one of my own blogs… attempting to brute forcing their way into my admin dashboard. I have my eye on them however, and their attempts to cause me bother has resulted in me installing a firewall proxy to halt their little shitty actions. I guess this is why I like writing about how to not only avoid these issues, but how to fix them when they arise and the necessary steps to take moving forward.

Hackers Compromised Your Magento Website?

This time around I am going to focus on the increasingly popular Magento, an e-commerce platform programmed in PHP. Many large companies use this platform to build their sites and take payments from customers. If you are a smaller company and you use Magento it is your prerogative to ensure that you not only have your website running as secure as possible, but that you also protect the data of your customers, specifically payment information. Magento is a very secure payment gateway (like PayPal ), and as a result of this popularity is subject to increasingly creative hacking attempts.

Magento websites are usually hacked in one of four ways:

1. Ransomware - This is a form of malicious code or software that locks and encrypts a websites files. Usually these hacks request a ransom to be paid to unlock the website files back to the owner, the currency is often the hard to track bitcoin. Ransomware is often easy to spot and you will know straight away, with the hacker locking the website data and linking to their ransom demands with an index.html file.
2. Server Infection/Phishing - A server infection/phishing attack does not usually affect your sites usability, but it does often use a code injection to store user information in a secret folder. The hackers aim is to acquire as much of your data for it’s own uses as possible. They can then use this data to send spam to out mass spam to all of your users.
3. Site Defacement - This is where the hacker attains ‘bragging rights’, by trolling you (read: making you look like an idiot) with images not associated with your company. Perhaps something explicit or even something offensive. These hacking attacks may not even be a personal attack, they may just be the work of an opportunist hacker.
4. Stealing Valuable Information - All Magento sites take online payments and often store customer information. This makes them a common target for hackers (career thieves in this instance). These attacks store and steal a customers details and payment information. 

But what if you have been notified by customers of fraudulent transactions following a payment on your website? This issue is never a good thing… it’s one that can be beyond damaging to not only the trust your customers have in you, but a lingering stain on your company’s name.

An issue like this won’t just go away, you need to check your Magento websites files and folders and get to the bottom of this. You don’t want your companies reputation to be bent over the proverbial barrel whilst a hacker has their wicked way with you.

If your site is hacked, you will need to perform a website scan and see exactly where you have been compromised. This is where we fly in like a caped crusader to help save the day… or rather to advise you on the next steps to take.

1. Download the simple to use exploit scanner from HERE. This creates a site specific file which will download to your computer.
2. Upload this to your Magento site, it works exactly like installing a module.
3. Activate the scanner, and let it do all the work of scanning your files. Initially there may be a slight impact to the website speed, but in the long run it will resolve the issues you have.
4. Following the scan, we tell you which files are corrupted and which could be exploited. Providing you with a solution to any exploitation issues you may have.

Nothing in life is ever easy, especially responding to unfortunate instances such as being hacked and the possibility of having your customers personal details leaked to a horrible scumbag who wants to relieve folks of their funds.

If you are unsure of what to do following the scan of your Magento website, you can contact one of our Experts who can assist you with fixing any problems you may have and exactly how to remove the malware that has infected your website.