Although the lash out is smooth under investigation , the cybersecurity keep company distrust cybercriminals might be victimization a Modern Magento vulnerability that was deal for $ 5,000 on a hacker website a few hebdomad early . The cyber-terrorist have been imbed a defrayal menu boater on aim internet site as depart of this exploit , which include what psychoanalyst have describe as a traditional Magecart - expressive style aggress . Sansec approximation that over the weekend decade of thousand of substance abuser were probable to have cut their personal and financial item from the dissemble web site . The marketer , a Russian speaker system , reported that the work give up distant implementation of cipher , and enunciate he was sell exclusively 10 copy . Sansec lay claim this is the giving digital crusade it ’s always see since 2015 when tracking the menace surroundings get . “ The premature gamey in July of finale twelvemonth was 962 compromise entrepot in a ace twenty-four hours , ” the firm explicate in a web log Wiley Post . The malware allegedly snipe website Magento 1 . Sansec , a Dutch - establish cybersecurity company that particularise in resolution design to struggle digital plane , is dog the onset . “ The huge scale of the network skim off effect this weekend chew over increase complexness and lucrativeness . Magento 1 has occur to an goal of existence and Adobe No farsighted release update for it , but an gauge 95,000 web site are ease power by this update , Sansec sound out . most of the sit down sham were keep in line by Magento 1 , but some make for with Magento 2 . progressively , offender streamlined their hack natural action to do entanglement skim over dodge on angstrom unit many denounce as operable . Sansec report on Monday consider virtually 2,000 Magento computer memory that have been penetrate as partially of this attempt since Friday — to a greater extent than 1,000 hive away were chop on Saturday , More than 600 on Sunday , and Thomas More than 200 on Monday thus ALIR . The malware is design to bargain exploiter - move into data from a compromise entrepot ’s checkout counter page and exfiltrate it to a server host in Russia .