Friday, April 1, 2011

Sites hit in massive web attack

April 1, 2011, last updated at 09:34 GMT

Screengrab of Google search for infected web links: millions of web pages served links to sites peddling fake security software.

Hundreds of thousands of sites appear to have been hit by a massive cyber attack.

The hi-tech criminals used a known attack that exploits security vulnerabilities on other sites to insert a link to their website.

Visitors to the criminals' web page were told that their machines had been infected with many different viruses.

Swift action by security experts has managed to get the sites offering the sham software shut down.

Management

Security company Websense has been tracking the attack since its launch on March 29. The initial number of compromised sites was 28,000 pages, but this has grown to many times that number as the attack has rolled on.

Websense dubbed the attack Lizamoon, after the first domain name to which victims were diverted. The fake software is called Windows Stability Center.

The redirections were carried out by what is known as a SQL injection attack. This succeeded because many servers running websites do not filter the text that web applications send to them.

Screenshot of fake security software (Websense): the fake security software warns of non-existent viruses on victims' PCs.

By formatting the text correctly it is possible to hide instructions in it, which are then injected into the databases that these servers are running. In this case, the injection meant a specific domain appeared as a redirection link on web pages served to visitors.

Early reports suggested that the attackers hit websites using Microsoft SQL Server 2003 and 2005, and it is thought that weaknesses in the associated web application software are what is vulnerable.

Ongoing analysis of the attack shows that the attackers managed to inject code that displays links to 21 separate domains. The exact number of sites hit by the attack is difficult to judge, but a Google search for the attackers' domains shows more than three million web links displaying them.

Security experts say it is the most successful SQL injection attack ever seen.

In general, the sites being hit are small businesses, community groups, sports teams and many other mid-tier organisations.

Currently the redirects do not work, as the sites peddling the fake software have been shut down.

Also affected were some web links connected with Apple's iTunes service. However, Websense security researcher Patrick Runald wrote on the company blog that this did not mean that people were redirected to the fake software sites.

"The good thing is that iTunes encodes the script tags, which means that the script does not run on the user's computer," he wrote.
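
An added example, not part of the original article or of Websense's analysis: a check a site operator could run over database text columns for script tags that load from hosts outside an allow-list, together with the output encoding the iTunes remark describes. The table, columns, hosts and rows are constructed sample data, and SQLite stands in for the site's database.

```python
import html
import re
import sqlite3
from urllib.parse import urlparse

# Matches <script ... src=...> in stored text; case-insensitive, either quote style.
SCRIPT_SRC = re.compile(r"<script\b[^>]*\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.IGNORECASE)

def build_sample_db():
    """Constructed sample data: row 2 carries an appended external script tag."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, title TEXT, blurb TEXT)")
    rows = [
        (1, "Club scarf", "Warm wool scarf"),
        (2, 'Match ticket</title><script src="http://injected.example/x.js"></script>', "Home game"),
        (3, "Newsletter", '<script src="https://static.site.example/menu.js"></script>'),
    ]
    # Parameterized insert: values are bound as data, never spliced into the SQL text.
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", rows)
    return conn

def find_injected_scripts(conn, table, columns, allowed_hosts):
    """Return (row id, column, host) for script tags loading from hosts not allow-listed."""
    hits = []
    for col in columns:
        # Table and column names come from the operator's own schema list, not user input.
        for row_id, value in conn.execute(f'SELECT id, "{col}" FROM "{table}"'):
            for src in SCRIPT_SRC.findall(value or ""):
                host = (urlparse(src).hostname or "").lower()
                # Relative URLs have no host and stay on the site itself; skip them.
                if host and host not in allowed_hosts:
                    hits.append((row_id, col, host))
    return hits

def render_text(value):
    """Encode stored text for HTML output so any tag in it is displayed, not executed."""
    return html.escape(value, quote=True)

if __name__ == "__main__":
    db = build_sample_db()
    for hit in find_injected_scripts(db, "products", ["title", "blurb"], {"static.site.example"}):
        print("suspicious script reference:", hit)
    print(render_text(db.execute("SELECT title FROM products WHERE id = 2").fetchone()[0]))
```
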

