CyberSecurityBoard
Sponsor Register Login

Hackers Weaponized 21 Apps to Gain Full Control of Ecommerce Servers

With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Security researchers have recently uncovered a sophisticated supply chain attack targeting ecommerce platforms through 21 widely-used applications. The scale of the attack is significant, with security experts estimating between 500 and 1000 ecommerce stores currently running the compromised software. The backdoor maintains a consistent structure across all affected packages while varying specific elements like authorization checksums, backdoor paths, and license filenames to evade detection. The backdoor, which remained dormant for six years after its initial injection between 2019 and 2022, has recently activated, providing attackers with complete control over affected servers. Though planted years ago, the code only began showing signs of active exploitation from April 20, 2025, demonstrating an alarming level of patience and strategic planning by the threat actors behind the campaign. A fourth vendor, Weltpixel, may also be compromised, though investigators have not yet confirmed whether the company itself was breached or if specific stores using their extensions were individually targeted. While older versions (2019) required no authentication, later iterations implemented verification using hardcoded checksums and salt values unique to each vendor. Tushar is a Cyber security content editor with a passion for creating captivating and informative content. Sansec researchers identified the backdoor across multiple applications from three major vendors: Tigren, Meetanshi, and Magesolution (MGS). This widespread distribution highlights the devastating potential of supply chain attacks to impact numerous organizations through trusted software providers. This function allows attackers to inject malicious code through the $licenseFile parameter, which they can manipulate using the adminUploadLicense function. The malware operates through a deceptive license verification mechanism embedded within extensions from popular vendors.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 05 May 2025 18:00:20 +0000


Cyber News related to Hackers Weaponized 21 Apps to Gain Full Control of Ecommerce Servers

ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store - On Android devices, one of the apps analyzed by researchers has more than 100,000 downloads, tracks, and shares location data with ByteDance and Amazon, etc. ChatGPT, the AI software, has already taken the Internet by storm, and that is why ...
2 years ago Hackread.com Everest
Data Insecurity: Experts Sound the Alarm on 4 Apps Putting User Privacy at Risk - Even though many of us rely on apps to entertain us, guide us, manage our exercise, and connect with family and friends, they are notoriously hard to trust. In an age when technology is constantly evolving, it is almost impossible to tell if a ...
1 year ago Cysecurity.news
Halting Hackers on the Holidays 2023 Part II: The Apps You Trust - Most free flashlight apps are creepware - also known as malware that spies on you and your online behavior and could pass along information to others. The problem doesn't begin and end with flashlight apps, though. Many seemingly innocuous apps that ...
1 year ago Cyberdefensemagazine.com
Future of eCommerce: Emerging Technologies Shaping Online Retail in 2024 - Top-notch stores are moving online as eCommerce continues to lead with breakthrough innovations that are transforming global business operations and consumer shopping behaviours. This blog post explores how technologies such as Artificial ...
1 year ago Hackread.com
Malicious Android 'Vapor' apps on Google Play installed 60 million times - Although all of these apps have since been removed from Google Play, there's a significant risk that Vapor will return through new apps as the threat actors have already demonstrated the ability to bypass Google's review process. Bitdefender ...
2 months ago Bleepingcomputer.com
Android App Security Alert: Proactive Measures to Prevent Unauthorized Control - The latest security alert comes from Microsoft's team who discovered a new vulnerability that may give hackers complete control of your smartphone. The latest security alert is triggered by the discovery of a new security flaw which can allow hackers ...
1 year ago Cysecurity.news
Beyond SSL: Advanced Cyber Security Tools Every eCommerce Site Needs - If you’re operating an eCommerce platform and relying solely on SSL certificates to secure your website, you’re essentially placing a lock on your front door while leaving your windows wide open. Multi-Factor Authentication (MFA) adds an ...
1 month ago Cybersecuritynews.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
10 Key Things You Need to Know About the Sophisticated Vastflux Ad Fraud Scheme - At the end of April 2015, researchers from Distil Networks reported the discovery of a sophisticated ad fraud network, Vastflux, which had been around since at least January 2014. The network used sophisticated malware targeting both iOS and Android ...
2 years ago Securityweek.com
Microsoft notifies UK customers affected by hackers abusing 'verified publisher' tag - Microsoft said it has notified customers impacted by a campaign that involved the abuse of the company's "Verified publisher" status to allow access to a victim's cloud environments. Accounts can gain verified publisher status when an app publisher ...
2 years ago Therecord.media
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Hack Corporate Email Accounts - Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations' cloud environments and steal email. ...
2 years ago Thehackernews.com
Google Online Security Blog: I/O 2024: What's new in Android security and privacy - As their tactics evolve in sophistication and scale, we continually adapt and enhance our advanced security features and AI-powered protections to help keep Android users safe. Today, we're announcing more new fraud and scam protection features ...
1 year ago Security.googleblog.com Cloak
The age of weaponized LLMs is here - It's exactly what one researcher, Julian Hazell, was able to simulate, adding to a collection of studies that, altogether, signify a seismic shift in cyber threats: the era of weaponized LLMs is here. The research all adds up to one thing: LLMs are ...
1 year ago Venturebeat.com
Alert: iPhone Push Notifications Exploited Users Data - The security researcher found users privacy concerns in iPhone push notifications, the apps accessing the accelerometer. It also details some privacy concerns regarding app access to this sensor. Some apps have been found to collect accelerometer ...
1 year ago Hackersonlineclub.com
Hackers Weaponized 21 Apps to Gain Full Control of Ecommerce Servers - With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. ...
2 weeks ago Cybersecuritynews.com
This year's resolution: remove nosey apps from your device - Some apps are plain greedy-like a stranger you invite for a meal who insists on ordering everything on the menu. Here's what upset me: After I downloaded the companion app that helps control it for my phone, the app wanted permission to make and ...
1 year ago Blog.avast.com
10 Ways a Digital Shield Protects Apps and APIs - While far from perfect, this approach provided multilayer security defenses to protect apps and APIs. As network architectures gradually became more complex, so did protecting apps and APIs. The on-premises enterprise environment gave way to a hybrid ...
1 year ago Darkreading.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Cybercriminals expand targeting of Iranian bank customers with known mobile malware - Researchers have uncovered more than 200 fake mobile apps that mimic major Iranian banks to steal information from their customers. The campaign was first discovered in July of this year, but since then, the cybercriminals have expanded their ...
1 year ago Therecord.media
Ushering in the Next Phase of Mobile App Adoption: Bolstering Growth with Unyielding Security - In recent years, mobile apps have surged in popularity providing consumers with instant access to a variety of life essentials such as finances, education, and healthcare to life's pleasures such as shopping, sports, and gaming. With the popularity ...
1 year ago Cyberdefensemagazine.com
Crypto scam apps infiltrate Apple App Store and Google Play - Operators of high-yielding investment scams known as "Pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps. Pig butchering scams have been happening for a few ...
2 years ago Bleepingcomputer.com
Attack of the copycats: How impostor apps and fake app mods could bite you - Instant communication services are among the most popular apps on iOS and Android alike - US non-profit operation Signal has an estimated 40 million users, with the figure rising to 700 million for Telegram, another open-source messaging service. ...
1 year ago Welivesecurity.com
Ten new Android banking trojans targeted 985 bank apps in 2023 - This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. Banking trojans are malware that targets people's online bank ...
1 year ago Bleepingcomputer.com
How ID Scanning Apps Can Prevent Fraud - One effective solution is the use of ID scanning applications. These apps provide businesses with an efficient method to verify customer identities and reduce the risk of fraud. In this article, we will explore how ID scanning apps help prevent fraud ...
1 year ago Hackread.com
Kimsuky Group Using Weaponized file Deploy AppleSeed Malware - Hackers use weaponized LNK files to exploit vulnerabilities in Windows operating systems. These files often contain malicious code that can be executed when the user clicks on the shortcut. These weaponized files allow threat actors to perform ...
1 year ago Cybersecuritynews.com Kimsuky

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)