Currently, which technologies could easily be hacked

No panic! Shop or site hacked? Here's how to do the right thing

The Federal Office for Information Security (BSI) warns online shops that use older versions of the Magento e-commerce software against malware. It could be used by hackers to smuggle in Trojans in order to spy out customers' payment information during the ordering process and then to clear their accounts. What should you do if you suspect your website or shop may be infected with malware?

Share this article
The race is likely to be as old as the development of software itself: attackers try to find gaps in the system in order to exploit them for themselves. The programmers close the gap and eventually make another mistake that is exploited again. This (annoying) race keeps an entire industry going. Virus scanner providers make a living from it. The victim is the user, whose system is then used to distribute malicious program code. And that can also affect every retailer, regardless of whether Magento or another system is used. But what to do when the time comes, or when the suspicion creeps in that the installation may have been affected?
Despite the change in tempo, some good things are valuable longer. Smart studies, useful tips, useful tools. That is why we are presenting you the best timeless items from etailment in loose succession.

Don't panic - analyze damage

Panic is a bad advisor. This is especially true when analyzing and repairing damage to IT systems. Of course, in an emergency, you need to be in a hurry, but you will make better progress if you act properly.

If you only suspect that your shop may have been infected with malicious code, perhaps for a long time, and that it is spreading it, visit the Google Safe Browsing page, for example. Enter the URL of your shop there and wait for the result. If the page is classified there as inconspicuous, this does not yet mean that the system was not infected at that moment. However, the site has not yet appeared on Google, i.e. the harmful consequences for the reputation of the retailer, such as warnings on the Google results pages or in the browser, are not yet available.

Google malware check

The top priority - apply patches

Dealers who maintain their installations of Magento, Wordpress or other systems themselves should read the headlines of IT magazines on the Internet carefully or set up a Google Alert for the system they are using. This is where current gaps are reported as quickly as possible and initial countermeasures are usually outlined. Subscribing to newsletters on the topic is also useful for shop operators who have outsourced the care and maintenance of the system to a service provider. It doesn't hurt to find out about the current status there.

The most important countermeasure against malware, as simple as it sounds, is to have a system that is kept up to date. If the software has an automatic update mechanism, this should also be activated. And if there is a special patch in the case of a current threat scenario, it must be installed as soon as possible.

Check code and database

Malicious programs always make changes to the installed installation that can sometimes be more or less easily detected. The database should be examined carefully. Especially when it comes to the registered users. Does the database really only contain the accounts that should have access? Or does a "backup user" suddenly appear there that you have not set up at all?

The templates for the pages are also popular gateways. In the simplest case, the file structure already shows the current modification date of the files. Basically, script calls in header or footer files are suspicious and you should carefully check what is called in them.

Online scanners can be used to check security gaps in shop systems, such as Magento here

If the system is based on PHP files, a text editor search for "base64_decode ()" and "eval ()" can detect any malicious code. Then the file should be replaced with an uninfected original version.

Install security plug-ins

For the most popular content management and shop systems, there are now a number of plug-ins that examine the system for damage and also point out any open security gaps. Their installation is therefore definitely recommended. Examples are the products from Sucuri. The makers of Magento recommend performing a scan yourself with

Hire a service provider

Those who do not trust themselves to do the clean-up work can also fall back on the offer of service providers. Most manufacturers of security plug-ins also offer the option to rid the system of malicious code.

© pepsprog /

These hacker attacks shock online retailers

Ransomware, DDoS, viruses: In 2016, cyber criminals once again displayed a great deal of criminal energy. Etailment shows a selection of spectacular attacks. Read more

© Mikko Lemola / Fotolia

More DDoS attacks: How online retailers protect themselves against hackers

More and more often, so-called DDoS attacks paralyze the pages of Internet services and web shops. But online retailers can protect themselves so as not to fall victim to a cyber attack. Read more

Hacker alarm: In a video interview, security experts explain how quickly data theft can happen and how shops protect themselves against it

It was not just the mega-vulnerability, Heartbleed, that showed that the security of customer data on the web is not the best. Millions of data theft had already caused unrest and significant losses in sales from some US chains such as Target. But online retailing still takes the problem lightly. Security expert Jean Pascal Pereira from makes it clear in a video interview with Adrian Hotz from Inside eCommerce how easy it is for hackers to trade. Read more


In this edition

    Courage to start again

    How to get your business going again


    With the right influencers for more sales


    Secondhand gains market share

Read epaper