Global Secure Systems - Websense warns LizaMoon SQL injection attack has hit 380,000 domains

Home

• 2012
• 2011 Archive
• 2010 Archive
• 2009 Archive
• 2008 Archive
• 2007 Archive
• 2006 Archive
• 2005 Archive
• 2004 Archive
• 2003 Archive
• 2002 Archive

• January
• February
• March
• April
• May
• June
• July
• August
• September
• October
• November
• December

About RSS feeds

Websense warns LizaMoon SQL injection attack has hit 380,000 domains

Security firm Websense is warning that that the mass LizaMoon SQL injection attack discovered earlier this week is much bigger than previously thought, and that over 380,000 URLs have been affected. The firm first warned of the attack on Tuesday, claiming that hackers had injected a single line of code into thousands of web sites, linking the viewer to a well-known fake anti-virus site at defender-uqko.in.

Among the pages infected were several iTunes URLs, although Websense explained that Apple's security measures would have blocked any attack.

Initially it was thought that the mass SQL injection attack affected some 28,000 domains, but that number has now increased more than 10-fold.

Carl Leonard, senior manager at Websense Security Labs, argued that LizaMoon is now one of the largest mass injection campaigns ever seen.

"We have been monitoring the attack since it came out and noticed that the number of the compromised URLs is still increasing, moreover, more domains - different payload sites - have started to be involved in addition to the original lizamoon.com," he said.

"The payload sites remain inactive at present although they could be ‘switched' on at any time. We can only speculate as to what the bad guys are waiting for."

Permalink Bookmark Digg this story

  |  About RSS feeds