SQL Injection attack still spreading - 84000 and counting
by Steve Ragan - Aug 26 2009, 21:10
The automated SQL Injection (SQLi) attacks that gained attention late
last week are spreading, and according to the researchers that
discovered the attack, they are related to similar SQLi attacks in
China. ScanSafe, who discovered the attacks, thinks these attacks may
be regionally targeted.
The original report from ScanSafe looked only at the domain,
which is injected via a malicious Iframe into a legitimate site by
using various automated SQLi methods. At the time of the first report
on Friday, the count was just under 55,000 sites. On Wednesday, the
number of sites swelled to just over 84,000. Adding to this is the
discovery of similar SQLi attacks taking place in China, leading
ScanSafe to speculate that the attacks may be regional.
The Malware served in the attacks reported by ScanSafe on Friday are
a nasty cocktail of code, including backdoor related Malware,
keylogging Malware, various Trojans and more...
Continue Reading at The Tech Herald