SQL attack hits 500,000 websites

By Shaun Nichols on Apr 26, 2008 3:56 PM
Filed under Security

Security researchers have uncovered a new SQL attack which has compromised more than half a million web pages.

"They have hit city websites, commercial sites and even government websites, " wrote Sans researcher Donald Smith.

"This type of injection pretty much voids the concept of 'trusted' or 'safe' websites."

Security firm F-Secure said that at least 510,000 pages have fallen victim to the attack.

The compromised sites have been embedded with code that redirects the user to a third-party site at which eight different exploits attempt to install a password-stealing Trojan.

F-Secure and Sans Institute urged administrators to block access to the domains hosting the malware exploit.

The Sans Internet Storm Center recommended blocking access to hxxp:/www.nihaorr1.com and the IP it resolves to 219DOT153DOT46DOT28 at the edge or border of the network.

F-Secure also recommended that administrators of hosting servers check their logs for possible attacks.

The outbreak is the latest in a rash of large-scale attacks this year. In March, a pair of attacks, one infecting 10,000 pages and another compromising 200,000 pages, were uncovered by researchers.

 
Follow us on Facebook and Twitter
 

Copyright ©v3.co.uk

SQL attack hits 500,000 websites
 
 
 
 
 
Top Stories
10 things we learned this week
Seasons greetings and "Yo Gabba Gabba!" from CRN.
 
Microsoft partner Ensyst acquired by Optus
Australian partner of the year joins Optus Business.
 
How I learned to stop worrying and love Hyper-V
How secondhand data centre pizza boxes and tablets can get an SMB mobile and productive.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
Who had more wins in 2014?

Latest Comments
CRN Magazine

Issue: 334 | December 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.