'Willysy' Infects over 6 Million E-Commerce Websites

Researchers from cybersecurity firm Armorize recently discovered a new malware attack has infected more than 6 million websites operating on the well-known osCommerce online merchant platform.

Known as “willysy,” the malware exploits a vulnerability in osCommerce and injects a malicious JavaScript code, giving it access into the computers of online shoppers visiting the infected site. Once a visitor’s computer has been infiltrated, the malware targets vulnerabilities in Adobe Reader, Java, Internet Explorer, and Windows Help Center.

According to Wayne Huang, chief technical officer at Armorize, researchers traced the malware to eight IP addresses in Ukraine.

The malware can be prevented with an upgrade to osCommerce version 2.3. According to osCommerce, almost a quarter of a million store owners use the open-source software.

You may also be interested in...

Red Hat’s David Egts: Open-Source Training, ‘Sense of Mission’ Could Help Agencies Address Cyber Skills Gap

David Egts, chief technologist for Red Hat’s North American public sector, has said there are several options …

HHS, Industry Aim to Help Health Organizations Mitigate Cyber Threats With New Publication

The Department of Health and Human Services has released a four-volume document that outlines 10 …

Cloud-Based Identity Tools, Mobile Device-Based Authentication Among Cyber Market Trends to Watch in 2019

Some of the trends in the cybersecurity market to watch in 2019 include the availability …