Some websites running the e-commerce platform Magento appear to have been infected with code that directs victims to the Neutrino exploit kit.
It’s not exactly clear how the Magento sites were infected, wrote Denis Sinegubko, a senior malware researcher with Sucuri, a Delware-based security company.
“At this point, we can suspect that it was some vulnerability in Magento or one of the third-party extensions that allowed it to infect thousands of sites within a short time,” he wrote.
The Magento sites are rigged to pull content into an iframe from a domain which has been blacklisted by Google, Sinegubko wrote.
Source: PC Weekly