Botnet Employs SQL Injection Tool to Hack Legitimate Sites
A not so well known botnet has introduced a new element to the recent surge in SQL injection attacks targeted on numerous Websites: it is supplying its bots with a tool of its own to launch attacks via SQL injection on security-weak sites, as reported by darkREADING on May 14, 2008.
After documenting his research results on the attack, Joe Stewart Director of malware Research, SecureWorks, commented that the botnet named Asprox is popular primarily for pushing phishing e-mails. He further said that in the recent days, this botnet has also been found to install a tool that helps in SQL injection attacks on its bot-infected PCs,. The bots Google search for .asp ...
» SPAMfighter News - 21-05-2008