{"id":22113,"date":"2016-02-14T22:31:30","date_gmt":"2016-02-15T06:31:30","guid":{"rendered":"http:\/\/lifeboat.com\/blog\/2016\/02\/attackers-try-to-compromise-magento-with-a-fake-patch"},"modified":"2017-06-04T20:11:04","modified_gmt":"2017-06-05T03:11:04","slug":"attackers-try-to-compromise-magento-with-a-fake-patch","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2016\/02\/attackers-try-to-compromise-magento-with-a-fake-patch","title":{"rendered":"Attackers try to compromise Magento with a fake patch"},"content":{"rendered":"<p><a class=\"blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/attackers-try-to-compromise-magento-with-a-fake-patch.jpg\"><\/a><\/p>\n<p>Watch out for new patch from Magento \u2014 hackers are at it again.<\/p>\n<hr>\n<p>Attackers are still trying to find Magento installations that haven\u2019t patched a particularly bad vulnerability, this time trying to trick people into downloading a fake patch.<\/p>\n<p>The bogus patch purports to fix a flaw known as the <a href=\"https:\/\/magento.com\/security\/patches\/supee-5344-%E2%80%93-shoplift-bug-patch\">Shoplift Bug<\/a>, or SUPEE-5344, wrote Denis Sinegubko, a senior malware researcher with Sucuri.<\/p>\n<p>\u201cWhile the patch was released February 2015, many sites unfortunately did not update,\u201d he <a href=\"https:\/\/blog.sucuri.net\/2016\/02\/fake-supee-5344-patch-steals-payment-details.html\">wrote<\/a>. \u201cThis gave hackers an opportunity to compromise thousands of Magento powered online stores.\u201d<\/p>\n<p><a href=\"http:\/\/www.pcworld.com\/article\/3033166\/attackers-try-to-compromise-magento-with-a-fake-patch.html\" target=\"_blank\">Read more<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Watch out for new patch from Magento \u2014 hackers are at it again. Attackers are still trying to find Magento installations that haven\u2019t patched a particularly bad vulnerability, this time trying to trick people into downloading a fake patch. The bogus patch purports to fix a flaw known as the Shoplift Bug, or SUPEE-5344, wrote [\u2026]<\/p>\n","protected":false},"author":395,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-22113","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/22113","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/395"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=22113"}],"version-history":[{"count":2,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/22113\/revisions"}],"predecessor-version":[{"id":68455,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/22113\/revisions\/68455"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=22113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=22113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=22113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}