Researchers from Sucuri Labs are warning that thousands of websites that use the Magento content management system (CMS) have been infected by malware. Google has already blacklisted 8,000 sites that have malicious scripts from guruincsite.com. In all, more than 200,000 websites use Magento.
Experts haven't yet determined how the malware is spreading, but Sucuri Labs says it was likely "some vulnerability in Magento or one of the third-party extensions that allowed it to infect thousands of sites within a short time." Multiple developers are reporting that they found the malware in the Footer - Miscellaneous Scripts areas of their sites.