SQL injection & Flash Player exploits on Wal-Mart's site

Posted: Tue Jun 03, 2008 1:44 pm
by The Masked Marauder
Walmart Hit By The Most Recent SQL Injections

has been hit by the latest in a series of SQL injections that serves up malware via JavaScript. seems to have been injected with a malicious URL that automatically downloads malware to an unsuspecting visitor's computer. When you search, every description area will have a pointer to hxxP://www.sys****.com/b.js (detected as Exploit.HTML.Iframe.FileDownload), which is a malicious script with an iframe pointing to hxxp://en-****.com/cgi-bin/index.cgi?ad . This points to 2 swf (flash) files that take advantage of the latest Flash Player exploit. advert.swf and banner.swf are detected as exploit.flash or exploit.swf and in turn download more malware to the user's machine.

Lavasoft Research Blog
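
A defender-side check for the pattern described in the post, where stored description text ends up carrying a script pointer to another host. This is an added example, not code from the original post or from Lavasoft; the allow-listed hosts, the sample rows and the `injected.example` URLs are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts this site legitimately loads active content from.
ALLOWED_HOSTS = {"www.shop.example", "static.shop.example"}
# Tags that pull in active content, and the attribute holding the URL.
ACTIVE_TAGS = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}


class ActiveContentFinder(HTMLParser):
    """Collects (tag, url) for tags that load active content from another host."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        attr = ACTIVE_TAGS.get(tag)  # HTMLParser lowercases tag and attribute names
        if attr is None:
            return
        url = dict(attrs).get(attr) or ""
        host = urlparse(url).hostname  # None for relative (same-site) URLs
        if host and host not in ALLOWED_HOSTS:
            self.hits.append((tag, url))


def scan_rows(rows):
    """Return {row_id: [(tag, url), ...]} for rows carrying off-site active content."""
    findings = {}
    for row_id, text in rows:
        finder = ActiveContentFinder()
        finder.feed(text)
        finder.close()
        if finder.hits:
            findings[row_id] = finder.hits
    return findings


# Constructed sample rows standing in for a product-description column.
SAMPLE_ROWS = [
    (1, "Stainless steel kettle, 1.7 L."),
    (2, 'Garden hose, 15 m.<SCRIPT SRC="http://injected.example/b.js"></SCRIPT>'),
    (3, 'Desk lamp <script src="http://static.shop.example/zoom.js"></script>'),
    (4, 'Tent, 4 person <iframe src="//ads.injected.example/index.cgi?ad" width=0></iframe>'),
]

if __name__ == "__main__":
    for row_id, hits in scan_rows(SAMPLE_ROWS).items():
        print(row_id, hits)
```

Run against an export of every text column rather than only the one known to be affected, since the post describes the pointer appearing in every description area.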