Malware alert: Do not open email with fake patch SUPEE-9789

April 24, 2017


Hackers impersonating Magento Commerce have sent an email that contains malware to merchants and agencies using our products. This misleading email encourages users to open an attachment that purportedly includes a necessary security patch, but instead launches a virus. Do not open the email or its attachment.

How to safely download Magento code?

Magento Commerce never sends patches using email or attachments. Instead, use these methods to safely download our code:

  • Download patches from

  • Download Magento using Composer

How to get the Magento software gives a helpful overview on these secure methods for downloading our code.

More information?

See Warning: fake Magento patch 9789 contains virus for more information on this attack.