Showing results for 
Search instead for 
Did you mean: 

Visbot malware, 7000 Magento stores affected

Visbot malware, 7000 Magento stores affected

 TL,DR: check your store with MageReport, it detects new malware that steals sensitive data like customers credit cart details.


I got this email from MageReport, decided to share it here for those who are not subscribed, because think that it is important.


We’ve just added a new security check to Visbot malware.

Visbot is a particular type of malware that is found on hacked Magento stores. It intercepts POST requests to the server (so anything submitted by visitors, such as passwords and payment data), encrypts it and stores it into an hidden image file. This “image” is periodically retrieved by criminals and – presumably – sold on the black market.

The first documented case of Visbot malware goes back to March 2015. Our scans show that roughly 7000 Magento stores worldwide have been identified as running the malware.

To see if your Magento shop contains the malware, please rescan your shop on If you do, we also tell you how to find it.



Alex Levashov, eCommerce consultant at Magenable
We help businesses to build and improve Magento stores