Mass injection attack hits a million websites2011-04-01 10:48 by DanielaTags: SQL injection, trojan, Lizamoon, security
More than a million URLs have been compromised by a cyberattack that's suddenly ramped up in the last 24 hours to become one of the biggest mass-injection attacks ever seen. The Trojan, dubbed Lizamoon, redirects Web surfers to a fake antivirus website via malicious JavaScript code injected into web pages. Discovered two days ago, it's escalated rapidly. Around half the victims appear to be located in the US. A number of iTunes pages appear to be affected, although the way these pages are set up prevents the code from automatically executing on users' computers. Now, security firm Websense says its detected a number of other injected URLs on top of the original Lizamoon, meaning the attack is even bigger than first thought - there's a full list, here. Read more -here-
User Reviews/Comments:
rate:
avg:
by
shinobi - 2011-04-02 09:58
Websense has a great break down on this SQL injection attach here, including a demographic:
http://community.websense.com/blogs/securitylabs/archive/2011/03/31/update-on-lizamoon-mass-injection.aspx |