Global CyberSecurity

Examining Unique Magento Backdoors


Published on 08/04/2021 – Last Updated on 08/04/2021 by OTC

During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution capabilities. The techniques used by the attackers in these backdoors illustrates the ever-changing landscape of website security and highlights some of the tactics used to avoid traditional backdoor detection.

Reflection Functions

One such backdoor was appended to the Magento core file /errors/503.php:

This sample takes user input from the โ€œIDโ€ URL parameter and builds a reflection function, where the object stored in the $func variable will now reflect whichever function the attacker passed as input.

Continue reading Examining Unique Magento Backdoors at Sucuri Blog.

Indian Navy begins the sea trials of Indigenous Aircraft Carrier Vikrant

Previous article

Report to U.S. Congress on China Naval Modernization: Implications for U.S. Navy Capabilities

Next article

You may also like


Comments are closed.