Walmart web site hacked and hosting spam

  • April 15, 2010

A few days ago someone contacted us asking for help to clean up their site. They got hacked and the attacker added a bunch of spam links to it.

We fixed it for them and we decided to search for more sites that were also infected. Our surprise: One of Walmart official web sites, www.walmartcommunity.com (for their Community Action Network) was one of the first results.

If you look at their source page you will see all the spam links:

Die, Mommie, Die! download movie..
Lethal Weapon 2 download movie.. 
Black Rain download movie
The World Is Not Enough download movie
..

Checking their site with our malware scanner we noticed that all their pages have these spam entries:


It means that the attackers probably injected the spam in one of their templates files. After a bit of search, we found all of them inside the footer.php:

We tried to contact them, but only got their automated response (web site help), so hopefully with this post they will fix it. They are running WordPress 2.8.4, which is not that old, so I am assuming they got hacked via stolen FTP/SSH credentials or something like that.

As always, if you need help to recover from a malware/hacking attack or need someone to monitor your web site for these issues, visit http://sucuri.net or just send us an email at contact@sucuri.net.

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Related Tags
7 comments

  1. Hello,
    your articles are pretty good… Thanks for your work. I added your RSS to my bloglist. I would appreciate if you did the same with mine (if, of course, it is worth) http://infond.blogspot.com
    please, don't validate this commentary 🙂
    Bests,
    t0ka7a

Comments are closed.

Related Categories
You May Also Like