TRENDING:

Lizamoon Strikes Millions

SQL Inject Dubbed 'Most Successful' Information Security Media GroupApril 1, 2011    
Lizamoon Strikes Millions
A malicious, mass SQL injection known as Lizamoon could be affecting more than 1 million URLs, according to a blog posting by Patrik Runald, senior manager for security research at Websense, which offers Internet security products and services. Lizamoon has been dubbed by some as being one of the cyberworld's most successful SQL attacks. The attack, which launched March 29, has hit more than 28,000 sites and is expected to grow. Websense, which named the attack, reports hackers are inserting links to their malicious website by exploiting security loopholes.

In his blog, which posted late Thursday, Runald writes that, based on Google Search results, more than 500,000 URLs have a script link to lizamoon.com. Websense Labs identified other URLs that are injected in the exact same way, so the attack is even bigger than the security firm originally thought.

"Google Search results aren't always great indicators of how prevalent or widespread an attack is, as it counts each unique URL, not domain or site, but it does give some indication of the scope of the problem if you look at how the numbers go up or down," Runald writes.

The domain lizamoon.com was registered March 26. Users who visit the malicious site, after clicking links on legitimate but infected sites, are told their machines are infected with non-existent viruses; users are then asked to download a fake anti-virus software called Windows Stability Center. "To fix them you have to pay for the full version of the application," Runald writes. "Very traditional rogue AV scam."

Early reports suggested the attackers were hitting sites using Microsoft SQL Server 2003 and 2005. Weaknesses in Web application software could be to blame.

Among the URLs infected is the one for iTunes catalogue page displaying podcast information. "The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer," Runald wrote. "So good job, Apple."

Sites hosting the malicious software have since been shut down.

Previous
Social Media for Senior Leaders
Next
RSA Breach: A Legal View

About the Author

Information Security Media Group

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 34 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.



Around the Network

Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
HIPAA Considerations for AI Tool Use in Healthcare Research
HIPAA Considerations for AI Tool Use in Healthcare Research
Why Health Entities Need to Implement NIST Cyber Framework
Why Health Entities Need to Implement NIST Cyber Framework
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
What's Inside Washington State's New My Health My Data Act
What's Inside Washington State's New My Health My Data Act
Checking Out Security Before Using AI Tools in Healthcare
Checking Out Security Before Using AI Tools in Healthcare
CyberArk CEO Touts New Browser That Secures Privileged Users
CyberArk CEO Touts New Browser That Secures Privileged Users
Why Legacy Medical Systems Are a Growing Concern
Why Legacy Medical Systems Are a Growing Concern
Efficient Management of Enterprisewide Data Protection
Efficient Management of Enterprisewide Data Protection
Top Privacy Considerations for Website Tracking Tools
Top Privacy Considerations for Website Tracking Tools

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.