Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


A New Hack Attack Hits Apple.com

As per the news published by The Register on August 17, 2010, a hack attack, which exposes users to the malware exploits, has corrupted over 1 Million webpages which include at least two of Apple.

Legitimate firms websites are infected by SQL injection attacks with database commands which try to add hidden malicious links leading to harmful malware exploits. Most of the websites and webpages victimized belonged to mom-and-pop operations, but out of these webpages, two pages belonged to Apple which were used for promoting iTunes podcasts.

Fortunately, these harmful malware links and exploits have been cleaned as Google indexed and trace those two iTunes pages.

A ScanSafe Senior Researcher Mary Landesman has said that these malicious assaults have been continuous and are frequently changing, according to the news published by Erictric on August 17, 2010.

Landesman further states that many of these compromised sites have been engaged in frequent compromises in the last few months. It is not yet clear if the same attackers are responsible for these attacks or they are different attacks.

In accordance with the reports, at least 538 have become victims of the attack. However, other attacks (which feature similar "fingerprints" pointing to different websites) have been spotted.

The SQL injection assaults are successful because web applications do not scan search queries properly and other user-supplied content. After the processing of data, commands are transmitted to a website's backend server. This results into the addition of links or exposure of sensitive information.

Meanwhile, the security experts have commented that the attack is the latest among the hack attacks in order to hit large number of websites and webpages. As on June 2010, mass compromise adversely hit configured websites. More than 1000 pages of a wide range of domains compromised in the attack. The attack affects those who visit the links to connect to a server that tries to install malware in their PCs.

The users are recommended to install advanced antivirus programs to prevent the risk of being affected by the malware attack.

Related article: A New "Blackmailing" Variant Creeps Around…

» SPAMfighter News - 8/23/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page