Walmart Hit By The Most Recent SQL Injections

by Dave2 on June 2nd, 2008 in Security Alert. has been hit by the latest in a series of SQL injections that serves up malware via javascript. seems to have been injected with a malicious URL that automatically downloads malware to an unsuspecting visitors computer. Every description area when you search will have a pointer to hXXP://www.sys****.com/b.js (detected as Exploit.HTML.Iframe.FileDownload) which is a malicious script with an iframe pointing to hXXp://en-****.com/cgi-bin/index.cgi?ad this points to 2 swf (flash) files that take advantage of the latest flash player exploit. Advert.swf and banner.swf are detected as exploit.flash or exploit.swf and in turn download more malware to the users machine.

Our Research team has attempted to contact's admin to notify them of this issue. While we haven't yet received a reply from Walmart reps as to whether they're aware of the exploit, we will be keeping an eye on this we will update when it has been cleared up and is safe to surf again.

Until then make sure you have the latest version of software installed on your computer, there are hundreds of thousands of sites that have been injected in the same way as this one and your best bet on not becoming infected is to stay updated.

I did some digging and did not see any other pages that have been exploited but that certainly does not mean there isn't any or that there won't be any.




No votes yet


Our best antivirus yet!

Fresh new look. Faster scanning. Better protection.

Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

Download adaware antivirus 12
No thanks, continue to
close x

Discover the new adaware antivirus 12

Our best antivirus yet

Download Now