Security researchers say they’ve identified at last 1,000 Magento sites that have been hacked by cybercriminals and infected with malicious scripts that steal payment card details or are used as staging points in the delivery of other malware. “The Magento sites are being compromised through brute-force attacks using common and known default Magento credentials,” Flashpoint researchers say.
ORIGINAL SOURCE: Bleeping Computer