A Medical Enlisted Military Web Community,
For all Military Services.
Past, Present, Future and Relatives of,
All are Welcome.

Thursday, March 28, 2024

UPDATE: The sql injection script that hit us, hit over 800,000 websites

April 1, 2011 by  
Filed under Corpsman.com News, Military Family

A Netcast Barely Alive...

Well I guess we are in good company.

 

We’re currently monitoring a still-ongoing mass compromise involving a great number of websites. The compromised sites have been injected with a malicious script that triggers redirects to certain URLs that lead to malware such as FAKEAV.

Based on Google searches, there is no common denominator in terms of the industry to which the compromised sites belong. We saw compromised websites related to astronomy, clubs, hospitals, sports, funeral homes, electronics, and others.

More URLs Involved

Investigations revealed that five URLs were used for the attack and were inserted into the compromised sites through SQL injection. The said URLs all resolve to a single IP server—a known malicious IP Trend Micro researchers are monitoring. Thus, the related URLs have been proactively blocked by Trend Micro as early as March 25, 2011:

 

 

You can read the rest of the article here: http://blog.trendmicro.com/lizamoon-etc-sql-injection-attack-still-on-going/

 

Gads.. I mean really.. Gads..

 

D/C

 

Comments are closed.