Friday, April 1, 2011

Massive Cyber Attack affects millions of sites

PC World - Hundreds of thousands -- and possibly millions -- of websites have been hit with a cyberattack that some are calling "one of the biggest mass-injection attacks we've ever seen."
The attack was discovered on March 29 by security firm WebSense, and the injected domain was called -- thus, the name of the mass-injection is "LizaMoon." According to WebSense, LizaMoon uses SQL Injection to add malicious script to compromised sites. While the first injected domain was, additional URLs have since been injected in the attack (WebSense has a full list here).
The method of using an injected script redirects users to a rogue AV site, which tries to get people to install a fake anti-virus program called Windows Stability Center.
When WebSecurity discovered the attack on March 29, 28,000 URLs had been compromised. The number quickly grew to 226,000, including many iTunes URLs (though the malicious code is neutralized by Apple).