[Vulnerable links] 10K+ Websites Infected In Ongoing Mass SQL Injection Attack

Security experts of Webroot has confirmed that another mass SQL-Injection attack is currently underway. According to the blog post of Webroot "Hundreds of thousands of legitimate web sites are currently affected in a a mass SQL injection attack that has been ongoing for the past several months. The ongoing mass SQL injection attacks, are directly related to last year’s scareware-serving Lizamoon mass SQL injection attacks.

The cyber criminals behind it, are automatically exploiting the legitimate web sites, and embedding a tiny script on the affected pages, abusing an input validation flaw, or exploiting vulnerable and outdated versions of the web application software running on them."

hjfghj.com/r.php – According to Google, 323,000 sites are affected
fgthyj.com/r.php – According to Google, 390,000 sites are affected
gbfhju.com/r.php – According to Google, 74,200 sites are affected
statsmy.com/ur.php – According to Google, 3,080,000 sites are affected
stmyst.com/ur.php – According to Google, 1,320,000 sites are affected

Earlier in 2011 we have also seen such scenario when 614,000 webpages comromised with mass ASP.NET Infection, also Willysy malware Infects More than 6 Million WebSites, LilupophilupopAttack took 1 Million+ Web-pages and so on. Even in last month we have seen more than 200,000 websites get compromised with fake anti-virus exploit

Google Dorks:

Hidden Content

You must

[To see links please register here]

or

[To see links please register here]

to view this content.

source:

[To see links please register here]