HKCERT Warns of Large-scale Attacks on Online Shop System

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), managed by the Hong Kong Productivity Council (HKPC), today (4 August 2011) alerted businesses and members of the public of a large-scale injection attack targeting websites using osCommerce software - a popular open source online shop e-commerce application.

In a recent proactive information security monitoring operation, HKCERT observed that more than 90,000 webpages were infected globally, with over 2,000 pages in Hong Kong being infected. The number of infected pages is still on the rise, according to HKCERT.

Compromised websites are injected with malicious hyperlinks, which in turn redirect visiting users of such websites to other malicious websites. Subsequently the users’ machines may be infected with the malware.

HKCERT has already issued notice and security bulletin about the large-scale code injection against osCommerce vulnerabilities, with details on ways to detect the attack and recovery (/my_url/en/alert/11080201).

As a preventive measure and best practice in information security, HKCERT advises website administrators using osCommerce to check their webpages and databases, and set password to protect the administration directory (/admin/) of their systems using the .htaccess file.

HKCERT also warns users of online shopping websites to beware of the potential risk. They should always maintain their security patch up to date, use anti-malware software and the latest version of browsers, disable Javascript in browsers, and turn on personal firewalls. They are also reminded not to visit any unsolicited websites.

For incidents reporting or enquiries, please contact the HKCERT hotline at tel: (852) 8105 6060, or email: [email protected].