{"id":247421,"date":"2022-09-19T07:45:00","date_gmt":"2022-09-19T04:45:00","guid":{"rendered":"https:\/\/inform.click\/magecart-otsis-krediitkaarditeavet-ja-loi-sadadele-e-kaubandussaitidele-mitu-tagaust\/"},"modified":"2022-09-19T08:17:00","modified_gmt":"2022-09-19T05:17:00","slug":"magecart-otsis-krediitkaarditeavet-ja-loi-sadadele-e-kaubandussaitidele-mitu-tagaust","status":"publish","type":"post","link":"https:\/\/inform.click\/et\/magecart-otsis-krediitkaarditeavet-ja-loi-sadadele-e-kaubandussaitidele-mitu-tagaust\/","title":{"rendered":"Magecart otsis krediitkaarditeavet ja l\u00f5i sadadele e-kaubandussaitidele mitu tagaust"},"content":{"rendered":"<p>\n  <strong>L\u00fchidalt:<\/strong> Magecart on j\u00e4lle l\u00f6\u00f6nud ja e-kaubanduse saidid on seekord kohutavas hapukurgis. H\u00e4kkimisr\u00fchmad on tabanud veebiettev\u00f5tteid pahavaraga, mille eesm\u00e4rk on klientide tehinguteabe kogumine, mis pole midagi uut. Uus on see, et pahatahtlik kood avas poodides ka v\u00e4hemalt 19 tagaust, nii et kui administraatorid selle eemaldavad, p\u00e4\u00e4sevad h\u00e4kkerid kiiresti saidile tagasi.\n<\/p>\n<p>\n  Sanseci turvateadlased v\u00e4idavad, et <a href=\"https:\/\/sansec.io\/research\/naturalfreshmall-mass-hack\" target=\"_blank\" rel=\"noopener\">avastasid<\/a>, et jaanuaris sattus ohtu enam kui 500 Magento 1 e-kaubanduse platvormi kasutavat veebipoodi. H\u00e4kkerid kasutasid Magento platvormi \u00fclev\u00f5tmiseks kombinatsiooni SQL-i s\u00fcstimisest (SQLi) ja PHP Object Injectionist (POI). Seej\u00e4rel edastas domeen nimega &#8220;naturalfreshmal&#8221; pahavara n\u00fc\u00fcd haavatavatele saitidele.\n<\/p>\n<p>\n  &#8220;Natural Fresh skimmer n\u00e4itab v\u00f5ltsitud makseh\u00fcpikaknat, alistades (PCI-ga \u00fchilduva) hostitud maksevormi turvalisuse,&#8221; s\u00e4utsus Sansec. &#8220;Maksed saadetakse <a href=\"https:\/\/naturalfreshmall%5B.%5Dcom\/payment\/Payment.php\">aadressile https:\/\/naturalfreshmall[.]com\/payment\/Payment.php<\/a> .&#8221;\n<\/p>\n<p>\n  Omades kontrolli Magento, t\u00e4psemalt plugina nimega &#8220;Quickview&#8221; \u00fcle, sooritas <a href=\"https:\/\/www.techspot.com\/tag\/magecart\/\" target=\"_blank\" rel=\"noopener\">Magecart<\/a> r\u00fcnnaku &#8220;mees keskel&#8221;. Maksete h\u00fcpikaknana esinev pahavara v\u00f5ttis \u00fcle tehinguandmed ja saatis need Magecarti juhitavatesse serveritesse.\n<\/p>\n<p>\n  Lisaks sisaldas pahatahtlik koormus faile, mis l\u00f5id veebisaitidele v\u00e4hemalt 19 tagaust. Seega pole pahavara eemaldamine t\u00f5hus leevendus. Administraatorid peavad esmalt tuvastama ja eemaldama k\u00f5ik tagauksed ning seej\u00e4rel parandama kahjustatud CMS-i.\n<\/p>\n<p>\n  Sanseci s\u00f5nul peitub haavatavus Magento 1 tarkvara amortiseerunud versioonis alates 2020. aastast. Makseplatvormide parandamiseks peavad administraatorid minema \u00fcle Adobe Commerce'i uusimale versioonile v\u00f5i kasutama Magento 1 plaastreid, mille nad saavad <a href=\"https:\/\/www.openmage.org\/\" target=\"_blank\" rel=\"noopener\">OpenMage'i projektist<\/a> alla laadida .\n<\/p>\n<\/p>\n<div id=\"PostUnique_PostSource\" style=\"padding-top: 50px\">\n  : <a target=\"_blank\" rel=\"noopener nofollow\" href=\"https:\/\/www.techspot.com\/news\/93372-magecart-skimmed-credit-card-info-created-multiple-backdoors.html\">techspot.com<\/a>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Sanseci turvateadlased v\u00e4idavad, et avastasid, et jaanuaris sattus ohtu enam kui 500 Magento 1 e-kaubanduse platvormi kasutavat veebipoodi. H\u00e4kkerid kasutasid&#8230;<\/p>\n","protected":false},"author":1,"featured_media":124038,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[520,740,557],"tags":[],"class_list":["post-247421","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-raznoe","category-vork-2","category-pautina"],"_links":{"self":[{"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/posts\/247421","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/comments?post=247421"}],"version-history":[{"count":0,"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/posts\/247421\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/media\/124038"}],"wp:attachment":[{"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/media?parent=247421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/categories?post=247421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/inform.click\/et\/wp-json\/wp\/v2\/tags?post=247421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}