May 20, 2008
3:54 am

Web sites across China and Taiwan are being hit by a mass SQL injection attack that has implanted malware in thousands of Web sites, according to a security company in Taiwan. First detected on May 13, the attack is coming from a server farm inside China, which has made no effort to hide its IP (Internet Protocol) addresses, said Wayne Huang, chief executive officer of Armorize Technologies, in Taipei.

"The attack is ongoing, ... even if they can't successfully insert malware, they're killing lots of Web sites right now, because they're just brute-forcing every attack surface with SQL injection, and hence causing lots of permanent changes to the victim websites," Huang said. In a SQL injection attack, an attacker attempts to exploit vulnerabilities in a Web site's database by entering SQL code in an entry field, such as a login. If successful, such an attack can give the attacker access to data on the database and the ability to run malicious code on the Web site.


  1. Pingback from Preventing SQL Injection Storm Attacks » D' Technology Weblog: Technology, Blogging, Tips, Tricks, Computer, Hardware, Software, Tutorials, Internet, Web, Gadgets, Fashion, LifeStyle, Entertainment, News and more by Deepak Gupta. says: June 3rd, 2008 at 2:26 am

    [...] SiteMap June 3, 2008 2:24 am Preventing SQL Injection Storm Attacks “The malicious SQL payload is very well designed, somewhat database schema agnostic and generic so it could compromise as many database servers as possible,” informed Michael Howard, Senior Security Program Manager in the Security Engineering group at Microsoft. “While the attack was a SQL injection attack that attacked and compromised back-end databases courtesy of vulnerable Web pages, from a user’s perspective the real attack was compromised Web pages that serve up malware to attack users through their browsers.” [Read here or here or here or here] [...]
