SQL Attack On ISP Affects At Least 100,000 Websites
Vaserv.com, an Internet Service Provider based in the U.K., disclosed that unknown attackers exploited a zero-day flaw in popular virtualization software, resulting in the destruction of the database for 100,000 websites.
Reportedly, Vaserv's website displays a long list of updates that technicians are posting as they go about retrieving the damaged data.
The hackers, who gained elevated access to a server, also managed to penetrate the company's computer systems, perhaps through an SQL injection that reached Vaserv's core management software, and deleted crucial data and binaries for nearly 50 percent of the user data that the service stored.
Meanwhile, security specialists said that in an SQL injection attack, malicious code is inserted into strings, which are subsequently passed to an SQL server, where they are parsed and run.
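The mechanism the specialists describe, shown as an added example that is not taken from Vaserv or from the reports cited here: a query built by string concatenation beside the same query with a bound parameter. The `sites` table, the function names and the crafted input are hypothetical and constructed for illustration.

```python
import sqlite3

# Constructed sample data: a hypothetical hosting table, not Vaserv's schema.
SITES = [("alice", "alice.example"), ("bob", "bob.example"), ("carol", "carol.example")]

def fresh_db():
    """Return an in-memory database pre-loaded with the sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sites (owner TEXT, domain TEXT)")
    db.executemany("INSERT INTO sites VALUES (?, ?)", SITES)
    return db

def delete_sites_unsafe(db, owner):
    """Weak form: the input is pasted into the SQL text, so the server
    parses whatever the caller sent as part of the statement."""
    cur = db.execute("DELETE FROM sites WHERE owner = '" + owner + "'")
    return cur.rowcount

def delete_sites_safe(db, owner):
    """Hardened form: the input is bound as a value and never parsed as SQL."""
    cur = db.execute("DELETE FROM sites WHERE owner = ?", (owner,))
    return cur.rowcount

def remaining(db):
    """Count the rows still present in the sites table."""
    return db.execute("SELECT COUNT(*) FROM sites").fetchone()[0]

# Constructed input: a string that closes the quote and adds its own condition.
CRAFTED = "nobody' OR '1'='1"

def demo():
    """Run the same input through both forms; return (deleted, remaining) for each."""
    results = {}
    for name, fn in (("unsafe", delete_sites_unsafe), ("safe", delete_sites_safe)):
        db = fresh_db()
        deleted = fn(db, CRAFTED)
        results[name] = (deleted, remaining(db))
    return results

if __name__ == "__main__":
    for name, (deleted, left) in demo().items():
        print(f"{name}: deleted={deleted} remaining={left}")
```

With the concatenated query the input becomes part of the `WHERE` clause and every row matches; with the bound parameter it is compared as a literal owner name and matches nothing.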
Rus Foster, director of Vaserv.com, said that the intruders executed Unix commands such as 'rm -rf' on the target system, which effectively deleted all files, SCMagazine reported on June 9, 2009.
Disturbingly, about half of Vaserv's clients subscribed to unmanaged services that do not include data backup, Foster said, as The Register reported on June 8, 2009. According to him, it therefore cannot be said for sure whether those website administrators will be able to recover the lost data. Consequently, at least 50 percent of the websites hosted by Vaserv are now off the Internet, he said.
Furthermore, Amichai Shulman, Chief Technology Officer of Imperva, said that if the attack did involve an SQL injection, it once again demonstrated the strength and force of such an assault, SCMagazine reported on June 9, 2009. Shulman added that about a month earlier, an SQL injection attack had struck Puerto Rico's DNS registrar, causing domain names such as Microsoft.pr, Google.pr and others to point to malware-delivering servers that the attackers controlled.
Elaborating on the point, security researchers stated that SQL injection attacks were getting increasingly nasty, suggesting that companies must keep strict control over both incoming and outgoing traffic pertaining to the application load.
» SPAMfighter News - 17-06-2009