Recently there have been several reports of hacking attacks on ecommerce sites. Investigations reveal that the recent behind this latest wave of hacking attacks is the Adminer. Here, in this guide, we explain how this hack occurred and how to fix and secure your site, if you’re a victim. If you’re one of the lucky few who hasn’t been affected by this bug, read on to find how to keep your site protected.
What is the Trouble with Adminer?
The Adminer is a popular MySQL administration tool that ecommerce site owners use to enable remote access to their databases. The problem here is that most websites leave the Adminer publicly accessible. It paves the way for a hacker to attempt to log into the database of the ecommerce site using the Adminer login page.
Just like all other database tools, entry into the Adminer requires knowledge of the username and password. However, the vulnerability here is that the recent hacks show a way to circumvent this requirement. Hackers can obtain the database credentials if they are stored in configuration files on the server. Most popular ecommerce platforms like Magento and WordPress allow hackers to access the database credentials, as it’s stored on the server.
Can Hackers steal critical information from Magento and WP sites?
It was found that the earlier versions of Adminer had a security breach via which hackers can access the file system of the server. Hackers can steal your data by looking for files with the extension .php and the word, “adminer.” Once they find the right files, hackers connect their own database instead of the site’s database.
The hacker can then access the contents of the files stored in the server, where the Adminer is installed. Not just the database credentials, hackers can get hold of your core ecommerce files like the wp-config.php (for WordPress) and local.xml (for Magento). Using this, hackers can steal all your login ids and passwords as well as other settings. Once hackers get access to the website’s database, they can manipulate the data.
What to do if you have been attacked or to prevent such attacks?
Here are the steps to take to mitigate the damage done to your website and to prevent hackers from accessing your critical information:
- If you’re using the Adminer tool, the first step is to ensure that you have the latest version – version 4.6.3 or later.
- If your website has suffered a hacker attack due to the Adminer vulnerability, here’s how to get your site back in order:
- Delete the Adminer script from the root directory and any other publicly accessible folder.
- Change the password to your database. Replace it with a stronger one. Don’t make the mistake of using an old password again, as hackers already know it.
- Look for the Super Socialat WP plugin on your site. It’s a fraudulent plugin that hackers use to gain access to your site details.
- Go through the list of admins on your site. Delete admins that you find suspicious or haven’t created.
- Set a new password for your Magento or WordPress ecommerce site.
- Manually scan all files with the extension .js, .php, .html. See if there are any files that hackers may have added to your server. Delete all suspicious looking files.
- Repeat all the steps outlined above for the Adminer Tool. As mentioned above, make sure that you update it to the latest version before cleaning up.
What can I do to prevent future attacks of my Magento or WP site?
#1. Use HTTPS
The most effective way to protect your site from online cyber-attacks is by using HTTP with SSL. Get an SSL certificate from a recognized vendor. Install it on your ecommerce site and change the settings. Besides improving security, ecommerce sites with HTTPS get a better ranking from Google, thereby boosting your site’s search engine visibility.
#2. Migrate to a Secure Ecommerce Platform
While choosing an ecommerce platform, besides the features, you also have to consider the security of the platform. Some of the most secure ecommerce platforms are Magento and WooCommerce. If you’re using Magento 1, you can consider migrating to Magento 2 to enjoy better security and improved features.
#3. Ensure that Security Hacks do not cause Damage to Customers
Once hackers gain entry into your ecommerce site, they can do a lot of damage to your customers by accessing their sensitive data. The best way to avoid this is by not storing sensitive customer data on your site. Opt for tokenization to prevent credit card thefts on your website. Another option is to send an automated email to your customers once every month, reminding them to change their passwords frequently.
#4. Run Vulnerability Tests
Performing regular vulnerability tests on your ecommerce site help you spot risks before it becomes a major security breach. Once you identify security risks, make sure that they are addressed and fixed immediately. Some of the popular vulnerability scan programs include OpenVAS, Retina CS Community, and MBSA.
#5. Keep your Site Updated and Take Regular Backups
Make sure to update your ecommerce platform as soon as new versions are released. Also, don’t forget to take periodic backups as it ensures that you can retrieve data quickly if your site was unfortunately hacked.
Take the Right Precautions and Stay Protected
The Adminer hack is one of the many recent cyber-attacks. Note that, it occurred not just among Magento and WP ecommerce site, but Joomla online sites as well. While you cannot 100% guarantee your site from hacker attacks, by following the right security measures, you can increase your site’s security. Make use of the tips listed here and keep your data (and customers’ data) safe.