Websense: Major SQL Injection Attack Infects over 28,000 Websites

Wednesday Mar 30th 2011 by Kara Reeder
Share:

The attack, which Websense has dubbed LizaMoon, injects a single line of code into websites that sends the user to a well-known fake security software site at defender-uqko.in.

V3.co.uk reports that Websense has uncovered a huge SQL attack that has infected over 28,000 legitimate Internet sites.

The attack, which Websense has dubbed LizaMoon, injects a single line of code into websites that sends the user to a well-known fake security software site at defender-uqko.in.

Some of the code has been spotted in iTunes URLs; however, Websense believes Apple's security policies likely blocked any attack:

The way iTunes works is that it downloads RSS/XML feeds from the publisher to update the podcast and list of available episodes. We believe that these RSS/XML feeds have been compromised with the injected code. The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer.

 

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved