Mass injection campaign affects 3.8 million pages

August 1, 2011

More than three million web pages have been compromised with malware as part of a mass IFRAME injection attack targeting unpatched versions of the open source e-commerce framework, OSCommerce, researchers at web application security firm Armorize have warned. The attack, which appears to originate in the Ukraine, has affected 3.8 million sites, which are running OSCommerce version 2.2 and earlier. Those who visit an affected site are pointed to the malicious domains willysy.com or exero.eu. After a series of redirects, users end up at a domain that attempts to exploit multiple web browser and PDF vulnerabilities, and install a variant of SpyEye.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Learn More

Angela Moscaritolo

Phishing

Multiple backdoors spread through fake AI, business tools

Laura FrenchApril 3, 2025

Sites mimicking DeepSeek, AutoCAD, UltraViewer and more lead to remote system access.

Malware

Covert compromise facilitated by new crop of malware loaders

SC StaffApril 3, 2025

More advanced obfuscation techniques have been adopted by a new Hijack Loader malware variant, the SHELBY malware, and the Emmenhtal Loader to facilitate clandestine compromise, according to The Hacker News.

Malware

Updated Triada trojan compromises thousands of Android devices

SC StaffApril 3, 2025

Updated Triada trojan compromises thousands of Android devices BleepingComputer reports that at least 3,000 Android devices that are counterfeits of widely known smartphones, most of which are in Russia, were confirmed to have been pre-installed with the latest iteration of the modular and stealthy Triada trojan.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news