Slashdot Mirror

← Back to Stories (view on slashdot.org)

New SQL Injection Attack Fuses Malware, Phishing

Posted by kdawson on from the trust-me-just-click-on-it-ok dept.

PainMeds tips a recent post in Secure Computing's research blog describing a new SQL injection attack that had infected thousands of MSSQL-based web servers by last weekend, turning them into malware delivery systems. The attack apparently rewrites the server's Web pages to include JavaScript which pushes malware to the visitor as if it were from the genuine site. Sites using Sybase might possibly be vulnerable, as it uses the same exploited syntax that MSSQL does. The post includes an example of the attack. Unlike most malware attacks, this one appears to originate from the site the user is actually visiting. From the blog: "'Similar to phishing, this attack takes advantage of the website visitor's trust in the site they are visiting. Instead of phishing for information, however, malware is sent to the client, which the client has a higher likelihood of accepting being from a trusted site... These web pages are associated with Web sites from around the world and supplying various content — including government sites, sales sites, real estate sites, and financial information sites among others."

3 of 202 comments (clear)

  1. malware + phishing = by Anonymous Coward · · Score: 4, Funny

    malware + phishing = phalware?

  2. Re:Attempts made on our systems... by corsec67 · · Score: 3, Funny

    Also, for what its worth, all of the IPs (100s of them used in the course of 3 days) trace back to ISPs based in Beijing. Hmmm...

    The Olympics are trying to hack your webserver?

    I wasn't aware that Server CTF was an Olympic sport.

    --
    If I have nothing to hide, don't search me
  3. Re:DELETE FROM USER* by dotgain · · Score: 4, Funny
    Well, it's more scalable then, innit?

    Let's see who's laughing when the Political Correctness brigade catch up with the Gregorian Calendar and hold it to task for picking on poor, old February.