Magento is a popular Content Management System (CMS) deployed at over 200,000 websites as their e-commerce platform. On Sunday, Sucuri published a blog about a Massive Magento Guruincsite Infection that had already infected 1000's of sites. Google has blacklisted almost 8,000 sites over the past 90 days. At this point, it appears that we don't know the original injection vector. According to Sucuri, "It's likely a vulnerability in the Magento CMS software itself or one of the 3rd party extensions installed by the administrator."
