Malware Wave Infects Six Million e-Commerce Pages

A malware infection initially reported last month has continued to spread across e-commerce Websites and now affects more than six million Web pages, according to security firm Armorize.

The attack has spread rapidly despite the fact that it exploits flaws that were patched last autumn, according to the firm.

Known flaws

The malware, called Willysy, exploits bugs in an e-commerce platform called osCommerce that were patched in version 2.3 of the software, released last November. The current version is 3.0.1. The open source osCommerce platform claims to have about 250,000 users, including small and medium-sized businesses and developers.

As of 3 August the malware affected about 6.3 million individual Web pages, Armorize said in an advisory. When the firm initially identified Willysy, on 24 July, it affected 90,000 pages.

Armorize traced the origin of the attack to eight Ukraine-based IP addresses. The attack places an invisible frame, known as an iFrame, on the affected Web page which injects malicious JavaScript code into the page.

When visitors arrive at an infected page the malware targets vulnerabilities in Java, Adobe Reader, Windows Help Centre and Internet Explorer, according to Armorize. These flaws, too, are known and have been patched.

Malware wave

In 2009 security firm ScanSafe reported a campaign in which more than 57,000 legitimate Websites were infected to load malware on visitors’ computers and steal their passwords. That attack also used a malicious iFrame via SQL injection.

The iFrame in turn loaded what ScanSafe Senior Security Researcher Mary Landesman described as a “potent Trojan cocktail consisting of backdoors, password stealers, and downloader” on the compromised Web pages.

Last year VeriSign created an online security clinic for smaller businesses designed to help them deal with security threats and build customer trust and confidence online.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

View Comments

  • Thank you for this post on the recent wave of malware affecting many web pages over the last two weeks. As malware continues to grow more sophisticated and widespread it is important to take steps to keep devices protected. For free security solutions or to join the discussion on online security, why not pay us a visit at https://www.facebook.com/avgfree?

    Best regards,

    Maria Arenillas
    Community Manager at AVG

Recent Posts

OpenAI In Talks With California Over For-Profit Shift

OpenAI reportedly begins early talks with California attorney general over complex transition from nonprofit to…

2 hours ago

EU To Assess Apple’s iPad Compliance Plans

European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…

2 hours ago

James Dyson Says ‘Spiteful’ Budget Will Kill Start-Ups

James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…

3 hours ago

Nvidia, Meta Ask Supreme Court To Axe Investor Lawsuits

Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…

3 hours ago

Nvidia To Replace Intel On Dow Jones Industrial Average

Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…

4 hours ago

Toyota-Backed Joby Flies ‘Air Taxi’ In Japan

Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…

4 hours ago