February 13, 2020

Magento Bitrix Exploit

Starting 2/13/2020 at 5:40AM EDT it appears some new bot network is scanning for a new form of exploit regarding a Magento (1) Bitrix connector exploit.

It appears to be trying known location of bitrix installs. Sec teams should monitor and/or ban these sessions at their App firewall level.

If you are running Bitrix connector make sure you have the latest patched plugins.

Locations being scanned:
/2002/bitrix/admin
/2004/bitrix/admin
/2000/bitrix/admin
/123/bitrix/admin (Seriously??)
/10/bitrix/admin/

It had been a relatively quiet past few days with relatively no bot scanning activity.

Silva Tech Solutions LLC

February 13, 2020

Magento Bitrix Exploit

Recent Posts

Google Merchant Security Woes

Magento 2 Homepage 404

Spin-up Fast Local WordPress Development Instances using Ubuntu Multipass

Magento2 – Guest Checkout Credit Card Messages

Coronavirus Will Accelerate World Wide Adoption of Automation Technologies