E-commerce & Retail, IT Blog, Security,

Web Pages Of E-commerce Sites Under Attack About 100 000

1 m read
QArea Expert
QArea Expert Marketing Manager
July 29, 2011
Share on
Reading Time: 1 minute


Almost 100 000 Web pages for e-commerce sites that are based on the open source OS Commerce software in accordance with security firm Armorize have been undermined with malware by means of a mass iFrame injection attack.

Chief technology officer at Armorize Wayne Huang, said that the ongoing mass-injection attacks seems to be carried out against the e-commerce sites. The successfully attacked sites are compromised with malware that is then utilized to try and attack visitors to those e-commerce sites.

Huang also adds that while attacks across the Web are not unusual, this one is notable as it is a mass-injection type of attack which is remindful of attacks that were implemented about 3 years ago very frequently but today are not so common.

Within the open-source software, the attackers can be leveraging a known vulnerability as Huang says, adding that attackers aim at lurking and watching for any information which is shared with public about newly detected vulnerabilities in software. He also notes that open source OS Commerce is a famous foundation for an e-commerce site that is rendered a different “look and feel” through diverse templates which are typically sold. Huang observes that some of the customization it provides can be hard to upgrade as it is sometimes “hardcoded”.

The OS Commerce open source group, according to its website, counts 249. 500 owners of store as deploying its Online Merchant software, that is available for free under the GNU General Public License. To the question emailed to OS Commerce there was no immediate response.


Recent Posts

  • Best Frontend Programming Languages to Create Beautiful and Fast Interfaces

    Read more
  • Capability Maturity Model Integration – QArea's big journey

    Read more
  • QArea is a Unique Services Provider in 2019 CEE Awards

    Read more
  • Ultimate Development Trends in 2018 to Reward Your Business in 2019

    Read more
  • Why You Should Write Your Next Microservice Using Golang

    Read more
  • 7 Reasons to Truly Love Microservices

    Read more
  • The Best Languages for Microservices

    Read more
  • QArea's Year: Summing Up 2018

    Read more



Share on
Privacy Preference Center