Backdoor admin accounts
Found a suspicious admin account in your store? It is likely a remnant of a successful attack.
Malicious admin accounts found on 71% of hacked stores
When cyber criminals gain (unauthorized) access to a store, they often add an extra administrator account. This ensures future access to the attacker, in case their primary access channel is lost.
To counter these kind of backdoors, you should periodically review your staff accounts and disable any that you do not recognize. It is also good practice to disable accounts that have not been used in a while. And finally, ensure that all your staff accounts have MFA (multi-factor authentication) enabled.
Found one of these accounts in your admin panel?
Your store has been compromised. It is strongly recommended to run a malware scanner and start an investigation to find the root cause. Attackers may have abused a vulnerability in your code platform code, or one of your staff passwords has been intercepted. Without a root cause analysis, the abuse will likely continue.
If you want, Sansec security specialists can run a cleanup and investigation for you. We have resolved incidents on hundreds of ecommerce sites.
> Get us started ASAP
Live overview of backdoor admin accounts
These malicious admin accounts have been identified by our eComscan malware detection engine. We crawl more than 400 thousands eCommerce stores per day and identify 20 to 50 compromised stores each day.
Read more
Scan your store now
for malware & vulnerabilities
eComscan is the most thorough security scanner for Magento, Adobe Commerce, Shopware, WooCommerce and many more.
Learn more
