Malicious Magento User Creator

Malicious Magento User Creator

We recently found a simple malicious script leveraging Magento’s internal functions to create a new admin user with the admin role “Inchoo” ⁠— probably referring to a Croatian Magento consulting company.

The script is simple but very effective and can easily be overlooked as another Magento file without closer inspection. It’s based on a sample that has been circulating the Internet since 2012 and provides a boilerplate for attackers to easily specify user details.

Continue reading Malicious Magento User Creator at Sucuri Blog.

Via Sucuri.net

Tags: ,