Security firm tracks mass SQL injection attack

Share this article:
At least 380,000 web pages have been infected via SQL injection to serve rogue anti-virus programs, known as scareware, security firm Websense reported Thursday. The sites were injected with code that directs victims to a website called Liza Moon, which automatically redirects users to a notorious site serving fake anti-virus. Both domains currently are down, according to Websense. This latest round appears to be targeting iTunes URLs that are used to update podcasts. This is one of the largest mass SQL injection attacks that Websense has detected since that style of attack became popular in 2008 and 2009.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Millenials improve security habits, more interested in cyber careers, still need guidance

Millenials improve security habits, more interested in cyber ...

Raytheon's second annual survey on the online and security behavior of Millennials shows improvement but still a long way to go.

Pakistani man indicted over spyware app creation

Hammad Akbar created StealthGenie, which allowed the purchaser to secretly monitor a cell phone's communications.

FDA finalizes guidelines on medical device, patient data security

The recommendations are aimed at providing better protecting patient health and data, as well as hoping device manufacturers take into account cybersecurity risks in the early stages of development.