Magento community has received reports that some Magento sites are being targeted by Guruincsite malware (Neutrino exploit kit).
The malware can take advantage of situations where an administrative account has been compromised through weak passwords, phishing, or any other unpatched vulnerability that allows for administrative access, so it is important to check for fake user accounts and for leftover demo accounts.
Magento merchants are advised to follow best practices to ensure the security of their sites as well as:
Visit the Magento Security Center at http://magento.com/security/news/important-security-update for more information on how to address this issue and make sure that you have implemented all recent security patches.
Source : http://magento.com/
You must be logged in to post a comment.