• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Non-Stop Attacks Against osCommerce – Time to Take Action

August 16, 2011David Dede

FacebookTwitterSubscribe

The malware attacks against osCommerce sites are still going at full force and the site owners have to take action to secure and update their sites as soon as possible. Think about that, with so many valuable targets (online stores) that are not updated and secured, why would they stop attacking now?


*If you have an osCommerce site, please follow these steps to make sure it doesn’t keep getting hacked. You can also scan it to check if it’s clean: Sucuri SiteCheck



It all started with the “willysy.com” remote iframe injection, followed by the exero.eu, 1see.ir, tiasissi.com.br and now lamacom.net remote JavaScript injections.

The media was all over the place when it was first released and it infected thousands (if not millions) of sites. However, after a few days the media forgot about it, but unfortunately sites are still getting compromised daily.

Just as an example, the 1see.ir remote JavaScript injection, infected more than 100,000 pages (according to Google) and no one reported it except us:

New injections

These are some of the injections we are seeing in the wild and the amount of pages infected:

  • http://willysy.com/images/banners/ – Currently at 2,750,000 pages
  • http://exero.eu/catalog/jquery.js” – Currently at 140,000 pages
  • http://1see.ir/j/ – Currently at 103,000 pages
  • http://112.164.188.12/hza.html – Currently at 27,000 pages
  • http://tiasissi.com.br/revendedores/jquery/” – Currently at 12,500 pages
  • http://lamacom.net/images/j/ – Currently at 450 pages (just started)

It will probably keep going (with new injections) until people realize they have to secure their sites properly. Anyone can scan their sites for free (and easily) to see if we detect anything wrong: http://sitecheck.sucuri.net

FacebookTwitterSubscribe

Categories: Vulnerability Disclosure, Website Malware InfectionsTags: Hacked Websites, Malware Updates

About David Dede

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Reader Interactions

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

The Anatomy of Website Malware Webinar

How to Clean a Hacked Website Guide

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.