Hundreds of Webshops Impacted by Backdoor in Magento Extensions
By Netvora Tech News
Security researchers at Sansec have discovered that a large number of webshops are affected by a backdoor added to extensions for the Magento webshop software. The backdoor, which allows attackers to gain full control over servers, was added to applications from three suppliers: Tigren, Meetanshi, and Magesolution (MGS). The compromised software was released between 2019 and 2022, but the backdoor was only recently activated. It was discovered in 21 applications from the three suppliers, which were compromised years ago. The researchers warn that webshops using software from these suppliers should check for the presence of the backdoor.
Sansec has alerted the three suppliers, but MGS and Tigren have not commented on the issue. MGS has not responded to the warning, and the compromised software was still available for download from its official website as of April 30. Tigren denies being compromised, but the researchers found the backdoored packages still available for download on April 30. Meetanshi has confirmed that its server was compromised, but denies that the software was modified.
The Impact
The impact of the backdoor is widespread, with an estimated 500 to 1,000 webshops potentially affected. The backdoor allows attackers to gain full control over servers, giving them access to sensitive data and the ability to launch attacks on other webshops and customers.
The Consequences
The consequences of the backdoor's presence are severe. Webshops using the affected software are at risk of being compromised, with attackers able to gain access to sensitive data and launch attacks on other webshops and customers. The compromised software could also be used to spread malware and to carry out phishing attacks.
What You Can Do
If your webshop uses software from one of the affected suppliers, it is essential to check for the presence of the backdoor. Sansec recommends that you take immediate action to secure your server and protect your data. If you are unsure about the security of your webshop, seek the advice of a security expert.