Powersellersunite Power Sellers Unite
Bringing Buyers and Sellers Together
 

Lizamoon SQL injection attacks to hit hundreds of thousands
Click here to go to the original topic

 
       Power Sellers Unite Forum Index -> Scams, Frauds, and Phishing
::  
Author Message
dticorp



Joined: 19 Aug 2006
Posts: 1760
Posted: Fri Apr 01, 2011 4:44 pm    Post subject: Lizamoon SQL injection attacks to hit hundreds of thousands  
Lizamoon SQL injection attacks step up fast to hit hundreds of thousands of websites

A mass injection attack dubbed Lizamoon is spreading rapidly and has infected up to more than 1.5 million URLs.

The attack was first announced by Websense on Tuesday, when the content-filtering firm said 28,0000 web pages had been infected.

"The Lizamoon mass injection is one of the largest mass injection campaigns we have ever seen," said Carl Leonard of Websense Security Labs.

The number of the compromised URLs is still increasing, and more domains or payload sites have started to be involved, in addition to the original lizamoon.com, he said. These include world-of-books.com, alexblane.com, and alias-carter.com.

The attack uses SQL injection techniques to insert rogue code into the databases of PHP and ASP websites.

Websense says it is not aware of a vulnerability in Microsoft SQL Server 2003 and 2005. The most likely vulnerabilities, researchers say, are in the web systems used by these sites, such as outdated CMS and blog systems.

More information here:
http://www.computerworld.com/s/article/9215428/Millions_of_sites_hit_with_mass_injection_cyberattack

and here:

http://www.computerweekly.com/Articles/2011/04/01/246138/Video-Lizamoon-SQL-injection-attacks-step-up-fast-to-hit-hundreds-of-thousands-of.htm

Play FREE Superman Games
Back to top  
 
       Power Sellers Unite Forum Index -> Scams, Frauds, and Phishing
Page 1 of 1




Powered by phpBB © 2001, 2002 phpBB Group