Slashdot Mirror

← Back to Stories (view on slashdot.org)

500 Thousand MS Web Servers Hacked

Posted by kdawson on from the scream-and-shout dept.

andrewd18 writes "According to F-Secure, over 500,000 webservers across the world, including some from the United Nations and UK government, have been victims of a SQL injection. The attack uses an SQL injection to reroute clients to a malicious javascript at nmidahena.com, aspder.com or nihaorr1.com, which use another set of exploits to install a Trojan on the client's computer. As per usual, Firefox users with NoScript should be safe from the client exploit, but server admins should be alert for the server-side injection. Brian Krebs has a decent writeup on his Washington Post Security Blog, Dynamoo has a list of some of the high-profile sites that have been hacked, and for fun you can watch some of the IIS admins run around in circles at one of the many IIS forums on the 'net."

13 of 332 comments (clear)

  1. ob... by Anonymous Coward · · Score: 4, Funny

    Does it run on linux.

    1. Re:ob... by steelclash84 · · Score: 5, Funny

      Did you really name your kid "Robert'); DROP TABLE Students; --"?

    2. Re:ob... by hclewk · · Score: 5, Funny

      Oh, yes. Little Bobby Tables, we call him.

  2. LOL by ThePhilips · · Score: 2, Funny

    Lolicious.

    I once spend an hour trying to explain IIS/MS SQL Server admin what PHP/MySQL addslashes()/mysql_escape_string() do - all to no avail. He was absolutely sure it is sufficient to like in VB surround any string with single quotes and it all will be fine.

    Now seeing that it's real fun for guys, I can only laugh.

    --
    All hope abandon ye who enter here.
  3. Re:Seems to be effecting older versions of IIS... by geminidomino · · Score: 3, Funny

    http://xkcd.com/327/

  4. Re:The Trojan is hosted in China by Kong+the+Medium · · Score: 4, Funny

    I'm sure you mean Persia.

    And I'm sure you meant Turkey.(http://en.wikipedia.org/wiki/Troy).

    --
    ... whenever a text is transmitted, variation occurs. This is because human beings are careless, fallible, and occasiona
  5. Re:epic lol by Goaway · · Score: 2, Funny

    Doing the same thing over and over and expecting different results? Like flipping a coin?
  6. Re:Bias? by Anonymous Coward · · Score: 1, Funny

    HA!, I'm immune from your puny attack. My users table is named Users_Obfuscated

  7. Impressive fighter plane they have there by hellfire · · Score: 2, Funny

    I got hacked shortly after the hainan island incident in 2001. that is when the us spy satellite was bumped a chinese fighter, and was forced to land on hainan island (china).

    Is that the fighter plane with warp drive and photon torpedos?

    Sorry to pick on ya dude... it was a US spy plane, not a spy satellite :)

    --

    "All great wisdom is contained in .signature files"

  8. Re:epic lol by digitalsolo · · Score: 2, Funny

    It's about reality, not probability. If you throw a coin up, it will come down. Throwing it over and over, and expecting to suddenly not come down, is a good example. Yet, for some reason, I read comments every day, and still expect that everyone will "get it". Insanity indeed.

    --
    Just another ignorant American.
  9. Re:Bias? by Stellian · · Score: 5, Funny

    In fact, the attack enumerates all ASP variables and tries to force a SQL payload in them, that in turn if executed adds the link to the malicious script to every textfield in the database. A very simple vulnerability scanner, if you like, targeting only ASP applications - thus the ISS spin.
    Since we don't see the LAMP version spreading I think we can safely conclude that no web application written in PHP with a MySQL back-end is currently vulnerable to any type of SQL injection.

  10. Re:This site makes me sick by stubear · · Score: 2, Funny

    Why would astronauts be writing web applications? Don't they have more important experiments to be conducting to waste time playing on the internet?

  11. Re:More data needed by MacWiz · · Score: 2, Funny

    the answer is it runs on Microsoft IIS server and Microsoft SQL Server.

    Microsoft's technical team was taken by surprise, giving them fresh hope that they, too, can develop software which runs on Microsoft IIS server and Microsoft SQL Server.