Over 100,000 Websites Affected in Mass Web Attack

Up to 114,000 wesqlinjection1bsites have been hit in the worst widescale web attack since a number of sites were hacked in April.  The list of affected sites include the Wall Street Journal and the Jerusalem Post, as well as sites such as servicewomen.org and intiljobs.org.
The nature of the attack is an HTML code that sends users to a malevolent Web server that tries to install software on their computers. This would allow a hacker to obtain control of the computer.

It’s suspected by researchers that a SQL injection attack was used to force websites to run database commands, allowing hackers to install the HTML.

Not all the websites have been hit completely, since some hackers were only able to install their code on certain pages of very large websites. Some break into a partner site such as an ad company that is allowed to post things on some of the larger company’s website. In the case of the Wall Street Journal, only a small number of pages that displayed real-estate ads were affected.

Scrawlr, a tool released by Microsoft and HP allows users the ability to check sites for SQL injection vulnerabilities.

(Via Computer World)

About the author  ⁄ BrickHouse Security

BrickHouse Security is the industry's premier supplier of security and surveillance solutions. As a recognized authority in GPS tracking, hidden cameras, cell phone/PC monitoring, video surveillance and counter surveillance, we help our customers use technology to get the clarity they need. We proudly serve consumers, businesses of all sizes and the law enforcement community. When you need to know, BrickHouse has the answers.