Almost 100 000 Web pages for e-commerce sites that are based on the open source OS Commerce software in accordance with security firm Armorize have been undermined with malware by means of a mass iFrame injection attack.
Chief technology officer at Armorize Wayne Huang, said that the ongoing mass-injection attacks seems to be carried out against the e-commerce sites. The successfully attacked sites are compromised with malware that is then utilized to try and attack visitors to those e-commerce sites.
Huang also adds that while attacks across the Web are not unusual, this one is notable as it is a mass-injection type of attack which is remindful of attacks that were implemented about 3 years ago very frequently but today are not so common.
Within the open-source software, the attackers can be leveraging a known vulnerability as Huang says, adding that attackers aim at lurking and watching for any information which is shared with public about newly detected vulnerabilities in software. He also notes that open source OS Commerce is a famous foundation for an e-commerce site that is rendered a different “look and feel” through diverse templates which are typically sold. Huang observes that some of the customization it provides can be hard to upgrade as it is sometimes “hardcoded”.
The OS Commerce open source group, according to its website, counts 249. 500 owners of store as deploying its Online Merchant software, that is available for free under the GNU General Public License. To the question emailed to OS Commerce there was no immediate response.
- .NET Development
- Banking & Finance
- Communities & Social networks
- Custom App Development
- Development process
- Digital Marketing
- Drupal Development
- E-commerce & Retail
- IT Blog
- IT News
- IT News & Trends
- IT Outsourcing
- Java Development
- Media & Entertainment
- Medicine & Healthcare
- Product engineering
- Project & Resources planning
- QArea inside
- Software Testing
- Start-up Development
- Technology & Innovation
- Travel & Hospitality
- Useful Tips
- Web Design
Go Community: The Best Golang conferences of 2018 (and a few to look out for in 2019)Read more
From Gaming Videos to Redefining Instant Messaging: Quinn Hu's Long Path to Serial EntrepreneurshipRead more
7 Reasons to Truly Love MicroservicesRead more
The Best Languages for MicroservicesRead more
QArea's Year: Summing Up 2018Read more
What's New in Golang 1.11: Release Notes OverviewRead more
Why You Should Start Learning Dart and Flutter Right NowRead more
Golang Vs Python: Which Language Is Best for AI ProgrammingRead more