Devastating SQL attack compromises 50,000 sites

August 26, 2009

[From V3]

A new SQL injection attack has already snared over 50,000 legitimate web sites, and threatens to cause havoc for innocent internet users, according to new research from ScanSafe. The security-as-a-service firm said in a blog post that it first detected the problem on Friday.

The attack exploits poor coding to insert a malicious iframe on the sites. When visited by a user, an infected site will begin to download what ScanSafe senior security researcher Mary Landesman described as "a potent Trojan cocktail consisting of backdoors, password stealers and a downloader".

The article continues at

The Network for Technology Professionals



Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers