Sites Hacked With Mass Injection Cyber Attack

Hundreds of thousands of website have been attacked by a mass injection attack.

In plane term a mass injection attack is where malicious computer code exploits a websites database. When the SQL insertion attack takes place it is basically like your website is being highjacked by a virus, because that is what a malicious program or computer script is.

The internet security firm websense discovered the internet virus know as lizamoon because this appears to be the site where the SQL mass injection attack started.

The lizamoon virus spread on 3/28/11 to over 200,000, website and onto even more computers. This mass injection attack placed one line of code into the compromised websites that then redirected users to a spyware anti virus site and tries to get them to install a fake anti virus software called Windows Stability Center.

sql injection attack

One interesting thing is that people using itunes were not affected because itunes encodeds its scripts and there are executed on the server and not on the users PC or mac.

So Apple is to be commended by some of the steps it takes to protect its end users. When surfing the internet be cautious if something is out of the ordinary and especially if you are redirected to an unknown website. Immediately x out of your browser if you see a website is trying to install a program on your computer. Next restart the computer and run a legitamate anti virus anti spyware program like, malwarebytes anti malware, spybot search and destroy, AVG anti virus, comodo internet security, norton internet security or mcaffee internet security.

More on this subject here at computer world.com.

http://community.websense.com/blogs/securitylabs/archive/2011/03/29/lizamoon-mass-injection-28000-urls-including-itunes.aspx

Comments