Slashdot Mirror

← Back to Stories (view on slashdot.org)

SQL Injection Attack Claims 132,000+

Posted by CmdrTaco on Thursday December 10, 2009 @02:23AM from the check-yer-code-people dept.

An anonymous reader writes "A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites. ScanSafe reports that the injected iframe loads malicious content from 318x.com, which eventually leads to the installation of a rootkit-enabled variant of the Buzus backdoor trojan. A Google search on the iframe resulted in over 132,000 hits as of December 10, 2009."

3 of 186 comments (clear)

Min score:

Reason:

Sort:

why don't these go away? by v1 · 2009-12-10 02:30 · Score: 3, Interesting

If they know where the site is that's hosting the payload why don't they just shut them down? I realize the locations for the hosting are carefully chosen to provide maximum insulation, but still you'd expect that by now (years after this sort of thing became common) that there'd be mechanisms and procedures in place to break these down swiftly?

--
I work for the Department of Redundancy Department.
How is SQL involved? by Bromskloss · 2009-12-10 02:38 · Score: 3, Interesting

The article said "SQL" in the headline, but never mentioned it again after that.

--
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
No... by Oxford_Comma_Lover · 2009-12-10 02:56 · Score: 3, Interesting

The assumption is that once there are a hundred thousand servers hit, and maybe fewer, if the hosting company doesn't shut down the site within an hour or two a responsible upstream router blocks traffic from the site. Every delivered payload costs society more time and money.

--
-- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!