English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

SQL Attack on BusinessWeek Site Results in Malware Infection

BusinessWeek.com, a Website of the world's reputed magazine BusinessWeek that recently (in the 2nd week of September 2008) publicly launched Business Exchange, a social network meant for industry leaders and other readers, has been attacked by a SQL technique.

According to security software provider, Sophos, hackers have attacked the site in a bid to infect visitors' systems with malware.

Furthermore, a large number of pages in one section of the Website that presents information on potential employers for MBA students have been affected.

Sophos further says that hackers launched the SQL attack - where security flaw of a site is exploited to inject malware into the database that runs the site - to execute malicious code on pages in an attempt to download malicious software from a server located in Russia.

Security Experts at Sophos disclosed that once the malicious software successfully downloaded via exploitation of the server loophole, the attack codes could, as per standard, launch anything the attacker desires except the currently included script for auto-generated JavaScript attacks. It suggests that a user could be struck with malware simply by visiting the site even without reciprocating in any manner.

While the attack code inserted into BusinessWeek.com links to the Russian Website, the experts inform that the latter (Russian site) is fortunately down at the moment not delivering malicious code any further. However, there is a possibility of its revival any time, resulting in infection to hundreds of MBA students seeking high-salaried jobs.

Graham Cluley, Senior Technology Consultant at Sophos, says that BusinessWeek needs to quickly eliminate the numerous malicious scripts plaguing its site, before an attacker could install malware that these scripts could activate, as reported by ComputerWorld on September 15, 2008.

However, BusinessWeek.com said nothing about its counter-action except that the malicious program was removed.

Patti Straus, Spokesperson for BusinessWeek, said that Internet security was their top priority and as they continued to probe into the matter, they were sure that their readers' private data had not been accessed, as reported by InternetNews on September 15, 2008. Straus also said that the attack impacted one software piece of a specific section of BusinessWeek.com.

» SPAMfighter News - 22-09-2008

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>