Beware of Fake SUPEE-5344 Patch – Exploiting Magento Admin Access to Steal Payment Details

  • Posted by Envision Ecommerce
  • /
  • February 15, 2016

A critical security patch – SUPEE-5344 was released in the month of Feb, 2015 & we also did a blog to update you regarding that shoplift bug & its vulnerability. (http://demo.envisionecommerce.com///shoplift-bug-is-your-magento-shop-vulnerable-to-itsupee-5344/). While that patch was released so far, but many Magento store owners didn’t update, which further provided hackers with an opportunity to exploit admin access within the Magento application & stealing payment details through JavaScript files & PHP files modifications.

Thus, it is very important to update all Magento versions (preceding to Feb 2015) in tune with SUPPE – 5344.

Due to its high importance, many hackers recognize how essential this patch is for Magento users & some are trying to deploy fake SUPEE-5344 patches on different websites in order to create admin users & fetch payment details. So, beware of the fake SUPEE-5344 patch & make sure to install genuine SUPEE-5344 from the official website of Magento. Also, ensure that you are using the latest Magento version, change passwords of all admin users, examine your Magento admin accounts and supervise the integrity of Magento’s files.

As a focused eCommerce consultant, we also would like to recommend you to segregate your existing eCommerce site from your other sites, particularly those sites that you’ve not updated yet, and protected in against of SUPEE-5344. Even you need to make your Magento store blog live on a separate hosting account. If you are facing any problem regarding SUPPE – 5344 installation, Envision Ecommerce welcomes you & has good news for you as you can avail this installation service (& any other product/service) on 20% OFF (Use Coupon Code: VALENTINE20%).