Try Pick Colors osCommerce Malware Hack

April 1, 2011

The Try Pick Colors osCommerce malware hack utilizes a vulnerability in osCommerce to place code into websites that causes them to distribute malware. Malware scripts are placed in .html, .php, and .js files.

To clean the website, either revert it to a clean backup, or remove the hack code from the affected files and remove any backdoor scripts that were added to the website (our Basic Backdoor Script Finder will find some of the most popular backdoor scripts).
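When a clean backup is available but a full revert is not practical, comparing the live site against it narrows down which files to clean. The following is an added example, not part of the original post and not the Basic Backdoor Script Finder: it hashes the .html, .php, and .js files in both trees and reports files whose contents changed and files that exist only on the live site. The function names, directory layout, and sample file contents are constructed for illustration.

```python
import hashlib
import os
import tempfile

# File types the page says receive the injected code.
TARGET_EXTS = {".html", ".php", ".js"}

def hash_tree(root):
    """Map relative path -> SHA-256 for every targeted file under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in TARGET_EXTS:
                continue
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digests[rel] = digest
    return digests

def compare_to_backup(live_root, backup_root):
    """Return (modified, added) relative paths, each sorted."""
    live, clean = hash_tree(live_root), hash_tree(backup_root)
    modified = sorted(p for p in live if p in clean and live[p] != clean[p])
    added = sorted(p for p in live if p not in clean)
    return modified, added

def _write(root, rel, text):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(text)

def demo():
    """Build a constructed clean backup and live tree, then compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = os.path.join(tmp, "backup"), os.path.join(tmp, "live")
        for root in (backup, live):
            _write(root, "index.php", "<?php echo 'shop'; ?>\n")
            _write(root, "includes/general.js", "function init() {}\n")
        # Constructed stand-ins: appended content and a file absent from backup.
        _write(live, "includes/general.js", "function init() {}\n/* appended */\n")
        _write(live, "images/extra.php", "<?php /* not in backup */ ?>\n")
        return compare_to_backup(live, backup)

if __name__ == "__main__":
    modified, added = demo()
    print("modified:", modified, "added:", added)
```

Modified files are candidates for injected code, and files missing from the backup are candidates for added backdoor scripts; both lists need manual review, since legitimate changes made after the backup was taken will also appear.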

For osCommerce 2.2, the best way to prevent the vulnerabilities from being exploited is by renaming and password protecting the admin directory. osCommerce 2.3 does not contain the vulnerabilities, but it is still recommended to rename and password protect the admin directory.

Recent Code Format on .html and .php files:

Recent Code Format on .js files:

Recent Code Format on .php files:

Recent Virus Scan Identification: JS:Redirector-FX, JS/ScrLd-E