One Million Web Pages Attacked By Lilupophilupop

hankwang writes "The Internet Storm Center reported that one million web pages have been attacked by the Lilupophilupop SQL injection and contain a malicious Javascript link. Affected sites can be found using a Google search query. See also the technical details of the SQL injection. The attack is directed to sites running ASP or ColdFusion with an MSSQL backend. The payload of the Javascript leads, via redirects and obfuscated Javascript, to a fake download page for Adobe Flash and antivirus software."

Hosted in.. Transnistria

[Dynamoo]

The malware site is hosted by Specialist Ltd in Transnistria, who are a totally black hat operation. They can get away with it because almost nobody recognises the existence of Transnistria, so it is effectively outside the reach of international law enforcement.