Sales & Marketing
Training & Development
PCs & Servers
Imaging & Printing
SQL attack hits 500,000 websites
Apr 26, 2008 3:56 PM
Security researchers have uncovered a new SQL attack which has compromised more than half a million web pages.
"They have hit city websites, commercial sites and even government websites, " wrote Sans researcher Donald Smith.
"This type of injection pretty much voids the concept of 'trusted' or 'safe' websites."
Security firm F-Secure said that at least 510,000 pages have fallen victim to the attack.
The compromised sites have been embedded with code that redirects the user to a third-party site at which eight different exploits attempt to install a password-stealing Trojan.
F-Secure and Sans Institute urged administrators to block access to the domains hosting the malware exploit.
Sans Internet Storm Center
recommended blocking access to hxxp:/www.nihaorr1.com and the IP it resolves to 219DOT153DOT46DOT28 at the edge or border of the network.
F-Secure also recommended that administrators of hosting servers check their logs for possible attacks.
The outbreak is the latest in a rash of large-scale attacks this year. In March, a pair of attacks, one infecting 10,000 pages and another compromising 200,000 pages, were uncovered by researchers.
Follow us on
From AFL to channel: Microsoft 'silver bullet' unveiled
Office for iPad: 12m downloads but poor reviews
British IT firm upgrades 30,000 PCs in 30 days
Google's Cloud SQL now available with SLA
Apple and Microsoft's 'borrowing' déjà vu
Dick Smith writes down $60m inventory after poor sales
Hills chief: transformation cost us customers, staff, revenue
Optus crowns new MVNO with streaming-data deal
#1 Sliced Tech, 2015 CRN Fast50
Send us your tips
You must be a registered member of CRN to post a comment.
Click here to login
Click here to register
Meet every company in the 2015 CRN Fast50
Your complete guide to the best in the Australian channel.
Stephen Parker departs Rhipe, launches consultancy
Will help organisations on cloud and financial strategy.
Generation-e acquires Paradyne
Creates 1,000-client powerhouse in UC and cloud.
Sign up to receive CRN email bulletins
Revealed: The 2015 CRN Fast50!
The full list of the 2015 CRN Fast50
Microsoft Band 2 review: good... but not great
Telstra kicks off 'root and branch' review of partner program
Australian IT superpower born as CSC-UXC deal approved
Powered by Disqus
Was your most important vendor the same in 2015 as in 2014?
view previous polls »
Powered by Disqus
CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.
What's in this issue?
Most popular tech stories
14 Windows 10 problems… and how you can fix them forever
The 15 ESSENTIAL Windows 10 tips and tricks you need to know
7 accounting packages for Australian small businesses compared: including MYOB, QuickBooks Online, Reckon, Xero
Do you use Dropbox? Here are some clever tricks
How much does it cost to use the NBN? 14 providers compared including iiNet, Telstra, Internode
NBN considering overbuilding dodgy $800m Optus cable
Telstra to cut 150 jobs from enterprise services group
RMIT hires six new IT execs in leadership overhaul
Scores of devices on Telstra vulnerable to silent data interception
NSW digital driver's licence due by end of 2018
The top Fallout 4 look-alikes
How to: How much RAM do you really need?
Top 25 fantasy games of all time
14 Windows 10 problems - and how to fix them forever!
Our second Intel 750 SSD winner!
Get a Paladins closed beta code!
Star Wars original trilogy heroes and villains
Holiday buying guide for shooters
Fallout 4 first beta patch notes
Review: Intel i7-4970K
PC & Tech Authority
nextmedia Pty Ltd
. All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's
Terms & Conditions
Login to CRN
Email or Username:
* Email or Username required
* Password required
Forgot your password?
Don't have an account? Register now!
To request a
, enter the email address linked to your CRN account and we'll send one to you.
* Email required
* Invalid Email address
* Invalid Email address
Click here to return to Login Form
comments powered by Disqus.