(WEB HOST INDUSTRY REVIEW) –- Security firm WebSense (www.websense.com) discovered an attack last week where malware writers used website flaws to inject malicious scripts into hundreds of thousands of websites.
The attack came in the form of an injected domain called LizaMoon, which WebSense says is a part of a larger attack that redirects users to a website that dupes them into downloading rogue anti-virus software called Windows Stability Center.
WebSense says that LizaMoon uses SQL injection to upload malicious script to compromised websites.
Other domains have since followed LizaMoon in these injection attack, and WebSense has posted a full list of these URLs on its website.
On March 28, WebSecurity initially found 28,000 URLs had been compromised. However, the security firm later discovered a total of 226,000 compromised URLs, many of which were iTunes URLs. Apple has since rid these URLs of the malicious code.
At the time of this article's posting, a Google Search shows that there are well over 1.5 million infected URLs.
However, this number may not be entirely accurate, as WebSense says that a Google Search is an inaccurate metric since it shows unique URLs and not unique hosts.
As the attack continues to make its rounds across the Internet, WebSense is warning users not to install any web-based anti-virus software that claims your computer is full of bugs.
In another attack reported last week, the Oracle-owned MySQL.com website was compromised by two Romania-based hackers, who published usernames and passwords for some users of the site.
Source: www.thewhir.com
New Release Book in January
13 tahun yang lalu
0 komentar:
Posting Komentar