Organizations that haven't updated their Magento sites with the SUPEE-5344 security patch for the Shoplift Bug run the risk of having their sites compromised by wily hackers pitching a fake patch, according to a blog post penned by Denis Sinegubko, a Sucuri senior malware researcher.
“Because of the severity of the vulnerability, many hackers know how important that patch is and some are even trying to piggyback on it,” wrote Sinegubko, noting that while the fake patch appears to be a real fix to the Shoplift remote code execution vulnerability, “the code actually belonged to a Magento credit card stealing malware which exploited the very bug that SUPEE-5344 is supposed to be fixing.”
He urged organizations to update their Magento sites using the SUPEE-5344 patch, calling it “the most important patch that should be applied to all Magento versions released prior to February 2015.”