Websites Hit By Massive SQL Injection Attack

Over 380,000 URLs have been infected with malicious scripts in a massive SQL injection attack.

The injected code has been monitored over the past week as anti-malware companies worked out what was happening. The injected code redirects users to malicious addresses such as FakeAV and RogueAV.

Evolving And Spreading

The attack was first blogged about by Websense when only 28,000 sites were compromised but it soon started to spread across more URLs and domains. It was given the name LizaMoon by Websense because the original injected code called JavaScript routines stored at lizamoon.com, a URL registered a few days ago.

Apart from a score of anti-malware trackers watching LizaMoon’s progress, it appears that the attackers are also monitoring the situation. Fresh code pointers are updated on infected Web sites to point to new JavaScript-hosting sites as the older hosting URL addresses are blocked.

Extremely large as this attack may be, John Kuhn, a senior global Internet threat analyst at IBM Internet Security Systems, still reckons it is not yet the biggest injection attack in recent years.

“We are not seeing near the volume compared to the ‘asprox’ and ‘dnf666’ attacks,” he blogged. “The reason for this is simple, the attacks seem to source from a few choice IPs which correspond back to the site being injected into the victim’s database. The Asprox SQL Injection attack, for instance, utilised a botnet to do the mass injection, giving them far more reach and bandwidth.”

Several iTunes sites have been infected but the way iTunes works, by encoding script tags, means that users were never at risk as the code could not execute on their machines.
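An added example, not taken from the article or from any vendor named in it: a defender-side check that scans database text columns for script tags pointing at hosts outside an allowlist, since a blocklist of lizamoon.com alone would miss the replacement hosts described above, plus the output encoding that kept the iTunes pages inert. The table layout, the allowlisted host, the script paths and the second host are constructed assumptions.

```python
import html
import re
import sqlite3
from urllib.parse import urlparse

# Assumption: the only host this site legitimately loads scripts from.
ALLOWED_SCRIPT_HOSTS = {"static.example.com"}
# Matches <script ... src=URL>, with or without quotes around the URL.
SCRIPT_SRC = re.compile(r"<script\b[^>]*?\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.I)

def foreign_script_hosts(text):
    """Return hosts of external scripts in text that are not allowlisted."""
    hosts = []
    for url in SCRIPT_SRC.findall(text or ""):
        # Protocol-relative URLs (//host/x) yield a host; relative paths do not.
        host = (urlparse(url).hostname or "").lower()
        if host and host not in ALLOWED_SCRIPT_HOSTS:
            hosts.append(host)
    return hosts

def scan_table(conn, table, key, columns):
    """Yield (row key, column, host) for each suspicious script reference."""
    for col in columns:
        # Identifiers come from the operator's own configuration, never user input.
        query = f'SELECT "{key}", "{col}" FROM "{table}"'
        for row_key, value in conn.execute(query):
            for host in foreign_script_hosts(value):
                yield row_key, col, host

def render_title(value):
    """Output-encode a stored value so embedded markup is displayed, not run."""
    return "<h1>" + html.escape(value, quote=True) + "</h1>"

def demo():
    # Constructed sample rows; the paths and the second host are placeholders.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, title TEXT, body TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", [
        (1, "Blue", '<script src="https://static.example.com/app.js"></script>'),
        (2, "Red<script src=http://lizamoon.com/PLACEHOLDER.js></script>", "ok"),
        (3, "Green", "x <SCRIPT SRC='//new-host.example.net/x.js'></SCRIPT>"),
    ])
    return conn, list(scan_table(conn, "products", "id", ["title", "body"]))

if __name__ == "__main__":
    conn, findings = demo()
    for finding in findings:
        print("suspicious script reference:", finding)
```

A finding means the row was modified; the scan does not locate or fix the injectable query that allowed the write.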

SQL injection seems to be enjoying a phase of popularity at the moment and earlier this week sites belonging to Oracle’s Sun and MySQL subsidiaries were infected.

Eric Doyle, ChannelBiz

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope. With expertise in security, the channel, and Britain's startup culture, through his TechBritannia initiative

View Comments

  • They should give a death sentence for something like this if they can ever catch the perpetrators. Such an act hurts thousands upon thousands of people whose livelihoods and families may well depend on their website as a way of earning a living. I know they won't but they should. They need a very strong deterrent. This is as serious as the drug issue when analysed.
