04-04-2012, 07:56 AM
Security experts of Webroot has confirmed that another mass SQL-Injection attack is currently underway. According to the blog post of Webroot "Hundreds of thousands of legitimate web sites are currently affected in a a mass SQL injection attack that has been ongoing for the past several months. The ongoing mass SQL injection attacks, are directly related to last year’s scareware-serving Lizamoon mass SQL injection attacks.
The cyber criminals behind it, are automatically exploiting the legitimate web sites, and embedding a tiny script on the affected pages, abusing an input validation flaw, or exploiting vulnerable and outdated versions of the web application software running on them."
hjfghj.com/r.php – According to Google, 323,000 sites are affected
fgthyj.com/r.php – According to Google, 390,000 sites are affected
gbfhju.com/r.php – According to Google, 74,200 sites are affected
statsmy.com/ur.php – According to Google, 3,080,000 sites are affected
stmyst.com/ur.php – According to Google, 1,320,000 sites are affected
Earlier in 2011 we have also seen such scenario when 614,000 webpages comromised with mass ASP.NET Infection, also Willysy malware Infects More than 6 Million WebSites, LilupophilupopAttack took 1 Million+ Web-pages and so on. Even in last month we have seen more than 200,000 websites get compromised with fake anti-virus exploit
Google Dorks:
source:
The cyber criminals behind it, are automatically exploiting the legitimate web sites, and embedding a tiny script on the affected pages, abusing an input validation flaw, or exploiting vulnerable and outdated versions of the web application software running on them."
hjfghj.com/r.php – According to Google, 323,000 sites are affected
fgthyj.com/r.php – According to Google, 390,000 sites are affected
gbfhju.com/r.php – According to Google, 74,200 sites are affected
statsmy.com/ur.php – According to Google, 3,080,000 sites are affected
stmyst.com/ur.php – According to Google, 1,320,000 sites are affected
Earlier in 2011 we have also seen such scenario when 614,000 webpages comromised with mass ASP.NET Infection, also Willysy malware Infects More than 6 Million WebSites, LilupophilupopAttack took 1 Million+ Web-pages and so on. Even in last month we have seen more than 200,000 websites get compromised with fake anti-virus exploit
Google Dorks:
Hidden Content
source:
[To see links please register here]