Backdoored Magento Add-Ons Hit Online Retailers

A recent wave of malware infections has compromised numerous online stores using Magento, a popular e-commerce platform, following the discovery of backdoored extensions. According to researchers, the affected extensions were installed as part of a supply-chain attack that introduced malicious code into Magento-based systems. The incident highlights ongoing threats targeting third-party software components, which can bypass traditional security measures and directly impact e-commerce operations.

The compromised extensions, once integrated into online storefronts, allowed attackers to gain unauthorized access, potentially exposing sensitive customer data and transaction information. The scale of the breach has not been disclosed, but the presence of multiple infected sites suggests a coordinated campaign aimed at exploiting Magento’s widespread adoption among online retailers.

Security experts are urging developers and store owners to audit their extensions and monitor for unusual activity. The incident underscores the importance of vetting third-party tools and maintaining rigorous cybersecurity protocols across digital commerce platforms.