10K+ Websites Infected In Ongoing Mass SQL Injection Attack ~ VOGH- VOICE OF GREYHAT| Leading Resource of Cyber Updates & Hacker News

10K+ Websites Infected In Ongoing Mass SQL Injection Attack

Security experts of Webroot has confirmed that another mass SQL-Injection attack is currently underway. According to the blog post of Webroot "Hundreds of thousands of legitimate web sites are currently affected in a a mass SQL injection attack that has been ongoing for the past several months. The ongoing mass SQL injection attacks, are directly related to last year’s scareware-serving Lizamoon mass SQL injection attacks. The cyber criminals behind it, are automatically exploiting the legitimate web sites, and embedding a tiny script on the affected pages, abusing an input validation flaw, or exploiting vulnerable and outdated versions of the web application software running on them."

The campaign is currently consisting of 5 SQL injected domains parked on a single IP hosted within the Russian Federation. Parked at 91.226.78.148 (AS56697, LISIK-AS OOO “Byuro Remontov “FAST”) are the following domains participating in the mass SQL injection attack:

hjfghj.com/r.php – According to Google, 323,000 sites are affected

fgthyj.com/r.php – According to Google, 390,000 sites are affected

gbfhju.com/r.php – According to Google, 74,200 sites are affected

statsmy.com/ur.php – According to Google, 3,080,000 sites are affected

stmyst.com/ur.php – According to Google, 1,320,000 sites are affected

All of these domains have been registered by the same cybercriminal/gang, using identical WHOIS records:

JamesNorthone

James Northone jamesnorthone@hotmailbox.com

+1.5168222749 fax: +1.5168222749

128 Lynn Court

Plainview NY 11803

Thankfully, all of these domains are currently returning a “404 Not Found” error message, with the cybercriminals behind the campaign, attempting to cover their tracks. Earlier in 2011 we have also seen such scenario when 614,000 webpages comromised with mass ASP.NET Infection, also Willysy malware Infects More than 6 Million WebSites, Lilupophilupop Attack took 1 Million+ Web-pages and so on. Even in last month we have seen more than 200,000 websites get compromised with fake anti-virus exploit. There is no ready made solution for such attacks or vulnerabilities because we all know that "Security is an Illusion", but still the site Admin & webmasters should became more conscious and try to avoid silly programming mistakes, should keep their systems up-to-date and use antivirus software.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

<a href=">10K+ Websites Infected In Ongoing Mass SQL Injection Attack"https://www.voiceofgreyhat.com/2012/04/10k-websites-infected-in-ongoing-mass.html</a>

LINK TO OUR HOME PAGE :

<a href=">VOGH- VOICE OF GREYHAT| Leading Resource of Cyber Updates & Hacker News"https://www.voiceofgreyhat.com/</a>

Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH

If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH