New wave of website hacks seek to spread malware

Powered by SC Magazine
 

A new round of mass SQL injection attacks began Friday morning.

Those behind the SQL injection attack that compromised pages belonging to the Wall Street Journal and a number of other sites are at it again, according to researches at malware detection solutions provider Sucuri Security.

The latest wave of attacks began on Friday morning and, at that time, 1,000 pages, including the websites for Chicago Public Radio and IndustryWeek, were infected, David Dede, lead security researcher at Sucuri Security, told SCMagazineUS.com on Friday.

The sites were injected with JavaScript code that attempted to load malware from a new malicious web server onto visitors' PCs, researchers said. As of Friday afternoon, the server was still active.

“They [attackers] just started using a different site to host the malware, which is still live, so these sites are currently actively serving malware to their users,” Dede said.

Some of the same sites that were infected earlier this week were reinfected in the latest attack, he added. Since the second round of the attack just began, it is difficult to determine the extent, so the actual number of infected sites might be greater than 1,000.

The attack also has affected the websites: Ameristar.com; Servicewomen.org, which was also infected in the last wave of attacks, Booksellerandpublisher.com.au and Spain-holiday.com.

Ironically, one of the infected sites was Idera.com, a provider of SQL Server and SharePoint administration tools, Dede said.

Just like the last wave of attacks, all affected sites are hosted on Microsoft Internet Information Services (IIS) web servers, and using Active Server Pages software from ASP.net.

Earlier this week, Microsoft said the previous attack was the result of vulnerabilities in third-party web applications and did not demonstrate holes in Microsoft software. 

Mary Landesman, a senior security researcher at Cisco, has said SQL injection attacks like this are common.


See original article on scmagazineus.com

Copyright © SC Magazine, US edition


New wave of website hacks seek to spread malware
 
 
 
Top Stories
At the top of her game
A decision to bring digital operations back in-house three years ago has paid big dividends for Tabcorp.
 
Westpac hires SAP man as CTO
Creates four new IT lead positions.
 
Qld Transport to replace core registration system
State's biggest citizen info repository set for overhaul.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 995

Vote