Online Support |
| MSN: |
dbappsecurity@hotmail.com |
| skype: |
dbappsecurity |
| Tel: |
+86-755-88877909 |
SQL injection attack knocks out at least 132K websites
Source:itknowledgeexchange
Attack in progress detects website errors and injects malicious scripts.
More than 132,000 websites, many of them small and void of any Web administrators, are being plucked off one by one by an automated SQL injection attack that is detecting website errors and then injecting malicious scripts to turn the sites into an attack platform.
The attacks, first detected in November by researchers at Web security vendor ScanSafe, are injecting malicious iFrames that install a backdoor Trojan. The Trojan uses a malicious domain, 318x, to install malware including the Buzuz backdoor Trojan, said Mary Landesman, senior researcher at ScanSafe. The Trojans, typically IRC-based have been used much more in website attacks, security experts say. IRC channels, the traditional method of channeling attacks is shrinking as attackers turn to automated tools that funnel more efficient ways to carry out attacks.
Once the websites are compromised and the drive-by attacks are in place, visitors will typically have their machines scanned for any Web-based software that isn’t fully patched, such as the Adobe Flash Player or Microsoft Internet Explorer browser components, Landesman said. As with many of these attacks, the Landesman said they are used to steal credit card data or lift victim bank login credentials.
A later search found that nearly 300,000 websites may have been hit by the attack. It’s important to note that the attacks target any flawed website. Administrators overseeing larger websites, should pay close attention to anomalies and scan for any errors that may be used for site compromises.
DBAPPSecurity Inc, 2006-2010 www.dbappsecurity.com
web application firewall web application scanner web monitor database scanner database auditor log auditor web security services