Massive Attack targeting osCommerce sites

More than 90,000 websites were found to be infected with an iframe that points to:- willysy(dot)com.

The effected websites were found using the osCommerce which is an open source e-commerce package used by small vendors to manage their online shops.

An iframe is a line of code inserted into a webpage that loads data from another website.
If a user lands on a webpage with an infected iframe inserted at the bottom of the page, it can automatically download dangerous malware onto the user’s system (this is known as a drive-by download).

This redirection leads to an exploit kit that abuses the following vulnerabilities in an attempt to download a malicious file onto systems:

CVE-2010-0840
CVE-2010-0188
CVE-2010-0886
CVE-2006-0003

Upon execution of the malicious malware it searches for the Internet cookies and history to steal the login information related with banking websites.

Quick Heal detects the downloaded files and blocks the malicious website through its ‘Browser Protection’ feature.

Ranjeet Menon

Ranjeet Menon

You may also like...

Malware through online songs website

3 Important Things You Should Know About Heartbleed

Classic lies you should not let a cyber criminal use on you

No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image

This website uses cookies to ensure you get the best experience on our website. Learn more