Ecomscan Report on 2020-03-31 13:01:02 UTC, Ecomscan Found 8 Security Issue(S) with Your Store

eComscan report On 2020-03-31 13:01:02 UTC, eComscan found 8 security issue(s) with your store.

Server: app@magento-server Path: /data/web/magento1

Check — Store Software

Identifying the system that powers your store.

✓ Found Magento 1 at /data/web/magento1

A supported store application was found.

Check — Global file scan

Analyzing your files for malware and known vulnerabilities, based on 7000+ threat intel signatures.

✗ malware found: form_grabber_with_jsencrypter_ea9bc In file:/data/web/magento1/js/mage/require.js Timestamps (C/M): 2020-03-31T12:59:31Z 2020-03-31T12:59:31Z

✗ malware found: fetch_cc_details_5d902 In file:/data/web/magento1/query.html Timestamps (C/M): 2020-03-13T12:42:54Z 2018-09-30T17:18:22Z

✗ malware found: burner_domain_cloudfusion_me_2e731 In file:/data/web/magento1/checkout.html Timestamps (C/M): 2020-03-13T12:42:54Z 2018-09-30T11:50:48Z

Successfully scanned 10862 code/executable files. What next?

Check — Exposed database managers

Database managers on production systems are a common attack vector for online stores.

✗ vulnerability found: Adminer database manager In file:/data/web/magento1/willem/a.php Timestamps (C/M): 2020-03-13T12:43:04Z 2018-02-20T08:24:43Z

What next?

Check — Magento SQL injection flaw Unpatched versions of Magento have an SQL injection flaw that allows attackers to fetch your admin passwords.

✓ Did not find any malware or vulnerabilities.

More info about this check.

Check — Magento 2 XSS flaw (RIPSTECH)

Unpatched versions of Magento 2 have an XSS flaw that allows attackers to hijack admin sessions.

✓ Did not find any malware or vulnerabilities.

More info about this check.

Check — Magento 1 database scan

Analyzing relevant tables for injected malware.

✗ malware found: indonesian_hackers_c81f3 In db:core_config_data.design/head/includes

✗ malware found: rogue_admin_account_62f33 In db:admin_user.email More info.

✗ malware found: burner_domain_mage_storage_pw_5e53b In db:information_schema.triggers.sales_flat_order

Scanned 155 rows in 6 tables, using the database from /data/web/magento1/app/etc/ local.xml. What next?

Check — Magento 1 Insecure extensions

Checking your installed extensions for known insecure versions.

✗ vulnerability found: VladimirPopov_WebForms In module:/data/web/magento1/app/code/community/VladimirPopov/WebForms Remove or upgrade to 2.8.0. More info.

NB. Even if modules are renamed or disabled, they may still pose a threat to your system. It is recommended to always upgrade or remove vulnerable code completely.

This report was generated by eComscan, the most effective malware and vulnerability monitor for online stores, scanning over 200.000 stores daily.

Please contact us at [email protected] for assistance or a manual root cause analysis.

Version: 1.2.0, running interactive Command line: ecomscan [email protected] magento1/ Sanguine Security Europalaan 20, 3526 KS Utrecht The Netherlands

This report is based on the most recent and extensive threat intelligence. However, Sanguine Security provides this information "as is" without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose, correctness and completeness.