Security Protection – Harry Waldron MVP

LizaMoon Mass SQL Injection Attack continues

Please be careful with all website links that are presented to you in Facebook, email, or in web searches.  Attackers are using SQL Injection attacks to seed vulnerable websites with FAKEAV and other malware.

http://blog.trendmicro.com/lizamoon-etc-sql-injection-attack-still-on-going/
http://www.eweek.com/c/a/Security/LizaMoon-Mass-SQL-Injection-Attack-Points-to-Rogue-AV-Site-852537/

QUOTE: Websense Security Labs discovered a mass-injection campaign infecting more than 28,000 URLs, including a few Apple iTunes URLs that redirect users to a rogue AV site.  Attackers have launched a large-scale SQL injection attack that has compromised several thousand legitimate Websites, including a few catalog pages from Apple’s iTunes music store.

Websense Security Labs and the Websense Threatseeker Network discovered the mass-injection campaign that compromised over 28,000 URLs, including several iTunes URLs, according to Patrik Runald, a senior manager of security research at Websense Security Labs, who posted an alert on the Security Labs blog. The mass-injection attack has been named LizaMoon after the domain hosting the attack code.

Unlike the recent SQL injection attack that affected MySQL.com and Sun.com, this mass injection is a SQL injection attack against a large volume of legitimate sites. The LizaMoon attack inserts a line of code referencing a PHP script that redirects users to another malware site.
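
A defender-side check for the kind of injection the quoted article describes, added here as an example and not taken from Websense, eWEEK or the original post: it scans stored page content for script tags loaded from hosts outside an allowlist and notes those served from a `.php` path. The host names, the allowlist and the sample rows are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts this site is expected to load scripts from (assumed allowlist).
ALLOWED_SCRIPT_HOSTS = {"www.shop.example", "cdn.shop.example"}


class ScriptSrcCollector(HTMLParser):
    """Collect the src attribute of every <script> tag in a fragment."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())


def suspicious_scripts(html, allowed_hosts=ALLOWED_SCRIPT_HOSTS):
    """Return (src, reasons) for scripts loaded from hosts not on the allowlist."""
    collector = ScriptSrcCollector()
    collector.feed(html)
    findings = []
    for src in collector.sources:
        parsed = urlparse(src)  # handles http://, https:// and //host/ forms
        host = (parsed.hostname or "").lower()
        if not host or host in allowed_hosts:
            continue  # relative URL or an expected host
        reasons = ["off-site host"]
        if parsed.path.lower().endswith(".php"):
            reasons.append("script served by .php")
        findings.append((src, reasons))
    return findings


# Constructed rows standing in for text columns read from a site database.
SAMPLE_ROWS = {
    1: '<p>Spring catalog</p><script src="/js/menu.js"></script>',
    2: 'Blue widget</title><script src=http://injected.example/redir.php></script>',
    3: '<script src="//cdn.shop.example/lib.js"></script>',
}


def scan_rows(rows):
    """Map row id -> findings for rows that contain a suspicious script tag."""
    hits = {rid: suspicious_scripts(text) for rid, text in rows.items()}
    return {rid: found for rid, found in hits.items() if found}
```

Calling `scan_rows(SAMPLE_ROWS)` flags only row 2; in practice the rows would come from the text columns of the site's own database or from a crawl of its rendered pages.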
