Magento Security Notice: Guruincsite Malware

Magento Hosting

Sucuri recently reported that many Magento websites are being targeted by the Guruincsite Malware (Neutrino exploit kit) where the hackers inject malicious scripts that create iframes from the “guruincsite” website.

Google blacklisted more than 8,000 websites which are infected by this malware so if your website is blacklisted by Google, this may be the reason for it.

The Magento Team have not identified a new attack vector at this time but rather have found that all websites that were checked show as vulnerable to a previously identified Code Execution Issue (SUPEE-5344) for which a patch was released in early 2015.

If you are infected by the Guruincsite Malware, you can sign up for the Sucuri Website AntiVirus packages. Sucuri will go through your files and databases to remove all the infections and submit an unblock request for the blacklist with Google.

Once the infections are removed, please make sure all Magento Security Patches are installed and Magento Security Best Practices are followed to prevent reinfection.