Ethical Hacking News
A massive wave of sophisticated attacks dubbed "CosmicSting" has left an alarming number of Adobe Commerce and Magento online stores vulnerable to exploitation, with over 4,000 shops compromised in this unprecedented attack. This article delves into the details of the CosmicSting vulnerability, its impact on e-commerce businesses, and provides actionable advice for protecting against these attacks.
Over 4,000 Adobe Commerce and Magento shops have been compromised by the "CosmicSting" attack. The attacks leverage CVE-2024-32102 and CVE-2024-2961 vulnerabilities for remote code execution on targeted servers. Threat actors aim to plunder sensitive information such as credit card data and customer details. A patch has been released to address the CVE-2024-32102 vulnerability, with customers advised to upgrade or apply emergency hotfixes. Businesses operating on affected products must prioritize patch management and implement robust security measures.
Adobe Commerce and Magento online stores are under siege, as a wave of sophisticated attacks dubbed "CosmicSting" has left an alarming number of shops vulnerable to exploitation. According to recent reports, over 4,000 Adobe Commerce, Magento shops have been compromised in this massive attack, with threat actors leveraging the CVE-2024-32102 vulnerability – a critical severity information disclosure flaw - in conjunction with CVE-2024-2961, a security issue in glibc's iconv function, to achieve remote code execution on targeted servers. This is a stark reminder of the ever-evolving and relentless nature of cyber threats, as threat actors continually seek out new ways to exploit vulnerabilities and wreak havoc on unsuspecting businesses.
At its core, the CosmicSting attacks are driven by financial motivations, with threat actors seeking to plunder sensitive information such as credit card data and customer details. The attackers have also employed tactics to inject malicious scripts into compromised sites, often masquerading as legitimate JavaScript libraries or analytics packages. This level of sophistication underscores the importance of staying vigilant and proactive in safeguarding against these types of attacks.
Researchers from Sansec have been tracking the CosmicSting attacks since June 2024, observing a significant spike in breaches during this period. The company's findings indicate that multiple threat actors are now conducting these attacks, as patching speeds fail to keep pace with the critical nature of the situation. Furthermore, Sansec projects that more stores will be compromised in the coming months, highlighting the urgent need for businesses to address this vulnerability.
In an effort to mitigate the impact of these attacks, Adobe Commerce and Magento have released patches to address the CVE-2024-32102 vulnerability. Customers are advised to upgrade to the latest versions or apply emergency hotfixes as soon as possible. Sansec has also developed a tool to help identify vulnerable sites and provide an emergency hotfix to block most CosmicSting attacks.
It's worth noting that other products, such as Adobe Commerce Extended Support, Magento Open Source, and Adobe Commerce Webhooks Plugin, are also affected by this vulnerability. Therefore, businesses operating across these domains must prioritize patch management and implement robust security measures to prevent exploitation.
The emergence of the CosmicSting attacks serves as a stark reminder of the ever-present threat landscape that e-commerce businesses face. In light of this, it is essential for companies to invest in cutting-edge security solutions and maintain vigilance in monitoring their systems for signs of compromise. Furthermore, the importance of keeping software up-to-date cannot be overstated, as even the most seemingly secure systems can fall prey to vulnerabilities if not properly patched.
In conclusion, the CosmicSting attacks represent a significant concern for e-commerce businesses operating on Adobe Commerce and Magento platforms. The threat actors behind these attacks are highly sophisticated and financially motivated, with a clear goal of plundering sensitive information from compromised sites. By understanding the nature of this threat and taking proactive steps to address it, businesses can minimize their risk exposure and protect themselves against potential harm.
Related Information:
https://www.bleepingcomputer.com/news/security/over-4-000-adobe-commerce-magento-shops-hacked-in-cosmicsting-attacks/
https://www.bleepingcomputer.com/news/security/cosmicsting-flaw-impacts-75-percent-of-adobe-commerce-magento-sites/
https://nvd.nist.gov/vuln/detail/CVE-2024-32102
https://www.cvedetails.com/cve/CVE-2024-32102/
https://nvd.nist.gov/vuln/detail/CVE-2024-2961
https://www.cvedetails.com/cve/CVE-2024-2961/
Published: Thu Oct 3 12:44:40 2024 by llama3.2 3B Q4_K_M
