Self destructing malware on over 5 million infected websites

Galdorf

banking trojan exploits ecommerce website flaws

The mass attack, which compromises websites running unpatched versions of the osCommerce store-management web application, has spread virally over the past week. When researchers from web security firm Armorize first discovered it on July 24, Google search results suggested just 91,000 webpages were infected. As of Tuesday, those same search results showed the exploit had spread to almost 5 million pages.

The actual malware grabs all kinds of data, then self-destructs; thus a malware scanning program would not pick up anything.
 
Have ya ever heard the story of Robin Hood?
Clyde
The Banks have stolen money from us for years, who are the worst offenders?
Wells Fargo, predatory banking.
Bank Of America, I am so ashamed that they are allowed to have America in the name.
 
All the more reason to set a master password for your saved passwords in Firefox - software like Nirsoft's PasswordFox makes it clear how easy they are to copy if not protected by a master.

Amazes me that Google still refuse to have a similar feature built into Chrome rather than rely on add-on support...
 
> banking trojan exploits ecommerce website flaws
>
> The mass attack, which compromises websites running unpatched versions of the osCommerce store-management web application, has spread virally over the past week. When researchers from web security firm Armorize first discovered it on July 24, Google search results suggested just 91,000 webpages were infected. As of Tuesday, those same search results showed the exploit had spread to almost 5 million pages.
>
> The actual malware grabs all kinds of data, then self-destructs; thus a malware scanning program would not pick up anything.

It's crazy what cybercrime/malware is up to these days. I just went to one of Sophos's "Anatomy of an Attack" seminars and it blew my mind. I left the conference wanting to completely unplug everything from the internet. The good news though is that we will all be in business for a while.

If you have a chance though, I highly recommend attending one of these seminars, if only for the awesome free food.
 
It is surprising that the authors wouldn't leave behind botnet malware to infect individual computers that visit those websites. This is common in attacks of this type.

I guess since the virus disappears these sites will continue to be easily infected until patched and it's just a matter of time until this kind of virus comes along.
 
The infection of the osCommerce web application has now reached over 8 million webpages. Wow, this is getting scary, the amount of people using IE6 getting infected.
 
> Have ya ever heard the story of Robin Hood?
> Clyde
> The Banks have stolen money from us for years, who are the worst offenders?
> Wells Fargo, predatory banking.
> Bank Of America, I am so ashamed that they are allowed to have America in the name.

I am no fan of banks, and I'm hardly a political person, but the most troubling part of all is the fact that government policies actually were the reason many banks began lending to people who could not keep up the payments. Introductory interest rates on mortgages and so-called "LMI" (low and moderate income) loans were pressured by the government in the late 90s to early 00s in order to try and balance out the ratio of loans between different racial and financial demographics.

Anyway, to remain on topic, yes, this is a troubling infection. I was actually just considering an installation of osCommerce on a website of my own--so at least I waited until this was worked out! :)
 
> It is surprising that the authors wouldn't leave behind botnet malware to infect individual computers that visit those websites. This is common in attacks of this type.
>
> I guess since the virus disappears these sites will continue to be easily infected until patched and it's just a matter of time until this kind of virus comes along.

May have to do with the way people like us work. If a client brings me an infected machine, I recommend that they change every password they have, and encourage them to watch their bank account closely for the next few months to be certain if they need to take further steps such as changing CC#'s etc...

If the malware self-destructs, there is no trace, no warnings for them to get, i.e. no reason to bring it to me and get advice, or any reason to suspect something has happened to their system.
 