'Willysy' Infects over 6 Million E-Commerce Websites

Researchers from cybersecurity firm Armorize recently discovered a new malware attack has infected more than 6 million websites operating on the well-known osCommerce online merchant platform.

Known as “willysy,“ the malware exploits a vulnerability in osCommerce and injects a malicious JavaScript code, giving it access into the computers of online shoppers visiting the infected site. Once a visitor's computer has been infiltrated, the malware targets vulnerabilities in Adobe Reader, Java, Internet Explorer, and Windows Help Center.

According to Wayne Huang, chief technical officer at Armorize, researchers traced the malware to eight IP addresses in Ukraine.

The malware can be prevented with an upgrade to osCommerce version 2.3. According to osCommerce, almost a quarter of a million store owners use the open-source software.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity News


Written by Admin

QinetiQ's Keith Rhodes Spells Out Keys to Cyber Defense - top government contractors - best government contracting event
QinetiQ's Keith Rhodes Spells Out Keys to Cyber Defense
Northrop Grumman Employees Volunteer at Operation USO