{"id":72517,"date":"2011-08-06T07:13:10","date_gmt":"2011-08-06T07:13:10","guid":{"rendered":"https:\/\/localhost\/wordpress\/?p=72517"},"modified":"2011-08-06T07:13:10","modified_gmt":"2011-08-06T07:13:10","slug":"massive-attack-targeting-oscommerce-sites","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/massive-attack-targeting-oscommerce-sites\/","title":{"rendered":"Massive Attack targeting osCommerce sites"},"content":{"rendered":"<p>More than 90,000 websites were found to be infected with an iframe that points to:- willysy(dot)com.<\/p>\n<p>The effected websites were found using the osCommerce which is an open source e-commerce package used by small vendors to manage their online shops.<\/p>\n<p>An iframe is a line of code inserted into a webpage that loads data from another website.<br \/>\nIf a user lands on a webpage with an infected iframe inserted at the bottom of the page, it can automatically download dangerous malware onto the user&#8217;s system (this is known as a drive-by download).<\/p>\n<p>This redirection leads to an exploit kit that abuses the following vulnerabilities in an attempt to download a malicious file onto systems:<\/p>\n<p><a title=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-0840\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-0840\">CVE-2010-0840<\/a><br \/>\n<a title=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-0188\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-0188\">CVE-2010-0188<\/a><br \/>\n<a title=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-0886\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-0886\">CVE-2010-0886<\/a><br \/>\n<a title=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2006-0003\" href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2006-0003\">CVE-2006-0003<\/a><\/p>\n<p>Upon execution of the malicious malware it searches for the Internet cookies and history to steal the login information related with banking websites.<\/p>\n<p><a href=\"https:\/\/www.quickheal.com\/\">Quick Heal<\/a> detects the downloaded files and blocks the malicious website through its &#8216;Browser Protection&#8217; feature.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>More than 90,000 websites were found to be infected with an iframe that points to:- willysy(dot)com. The effected websites were found using the osCommerce which is an open source e-commerce package used by small vendors to manage their online shops. An iframe is a line of code inserted into a webpage that loads data from [&hellip;]<\/p>\n","protected":false},"author":22,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24,4],"tags":[77,49,25,38],"class_list":["post-72517","post","type-post","status-publish","format-standard","hentry","category-malware","category-news","tag-drive-by-download","tag-malware","tag-phishing","tag-vulnerability"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72517"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/22"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=72517"}],"version-history":[{"count":0,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/72517\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=72517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=72517"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=72517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}