The malware attacks against osCommerce sites are still going at full force and the site owners have to take action to secure and update their sites as soon as possible. Think about that, with so many valuable targets (online stores) that are not updated and secured, why would they stop attacking now?
The media was all over the place when it was first released and it infected thousands (if not millions) of sites. However, after a few days the media forgot about it, but unfortunately sites are still getting compromised daily.
These are some of the injections we are seeing in the wild and the amount of pages infected:
- http://willysy.com/images/banners/ – Currently at 2,750,000 pages
- http://exero.eu/catalog/jquery.js” – Currently at 140,000 pages
- http://1see.ir/j/ – Currently at 103,000 pages
- http://220.127.116.11/hza.html – Currently at 27,000 pages
- http://tiasissi.com.br/revendedores/jquery/” – Currently at 12,500 pages
- http://lamacom.net/images/j/ – Currently at 450 pages (just started)
It will probably keep going (with new injections) until people realize they have to secure their sites properly. Anyone can scan their sites for free (and easily) to see if we detect anything wrong: http://sitecheck.sucuri.net