SQL malware targeting online shops running on Magento hides its code in the SQL database

Feb. 17, 2017

Security experts have discovered a new strain of malware that targets websites running the Magento eCommerce platform. The novelty is that this is the first malware that hides its code in the website’s database and is written entirely in SQL. The malware is triggered every time a user places a new order: the “SQL trigger” is executed before the Magento platform even assembles the web page. The query checks for the existence of the malware in the header, footer, copyright and every CMS block. If absent, it will re-add itself. The malware could be used to steal payment card data belonging to the users of Magento eCommerce websites. To discover the presence of the SQL malware, administrators have to inspect the database, searching for suspicious SQL triggers, such as those containing admin, .js, script or < (HTML tags).
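The trigger inspection described above can be done with one query. This is an added example, not taken from the original report; it assumes a MySQL or MariaDB server, an account allowed to see triggers, and that the shop's database is the currently selected one. The column aliases `matched_markers` and `statement_preview` are illustrative names.

```sql
-- List triggers in the current database whose body contains any of the
-- markers named in the article: admin, .js, script, or "<" (HTML tags).
-- Assumption: run after USE <your_shop_database>; so DATABASE() is set.
SELECT
    t.TRIGGER_NAME,
    t.ACTION_TIMING,          -- BEFORE / AFTER
    t.EVENT_MANIPULATION,     -- INSERT / UPDATE / DELETE
    t.EVENT_OBJECT_TABLE,     -- table the trigger is attached to
    t.DEFINER,                -- account that created the trigger
    t.CREATED,                -- NULL on servers that do not record it
    -- CONCAT_WS skips NULLs, so this lists only the markers that matched.
    CONCAT_WS(', ',
        IF(LOWER(t.ACTION_STATEMENT) LIKE '%admin%',  'admin',  NULL),
        IF(LOWER(t.ACTION_STATEMENT) LIKE '%.js%',    '.js',    NULL),
        IF(LOWER(t.ACTION_STATEMENT) LIKE '%script%', 'script', NULL),
        IF(t.ACTION_STATEMENT        LIKE '%<%',      '<',      NULL)
    ) AS matched_markers,
    -- Short preview for triage; read the full body before deciding.
    LEFT(t.ACTION_STATEMENT, 300) AS statement_preview
FROM information_schema.TRIGGERS AS t
WHERE t.TRIGGER_SCHEMA = DATABASE()
-- Keep only triggers where at least one marker matched.
HAVING matched_markers <> ''
ORDER BY
    -- The article says the trigger fires when a new order is placed,
    -- so triggers on INSERT are listed first.
    (t.EVENT_MANIPULATION = 'INSERT') DESC,
    t.EVENT_OBJECT_TABLE,
    t.TRIGGER_NAME;
```

A match is a lead for review, not proof of infection: read the full trigger body with `SHOW CREATE TRIGGER` and compare the definer and creation time against known deployments before dropping anything.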