More Website Attacks Through SQL Injection
Security investigators of the Shadowserver Foundation have found another wave of SQL injection attacks that have been affecting over 4,000 Web pages created with Microsoft's .NET and ASP technologies.
The Internet Storm Center, which traces online attacks, also warned on May 7, 2008 that a malware was infecting weak Websites by attacking their database.
This malware, a worm attaches a code to the target site, which then connects to a parallel page of the fake Website by injecting an iframe that infects visiting systems.
Currently over 11,000 Websites are reportedly infected with their HTML linking to the criminal Website. Further, a majority of these sites is in English.
Shadowserver Security Volunteer, Ste...
» SPAMfighter News - 15-05-2008