Recently, a lot of websites appear to have been compromised by a m(–foul word(s) removed–)ive cyber attack.
People who are into this kind of jobs are more likely well known as attack vector, they tend to find security loopholes on other sites and insert link to their website.
Users who will click such link will be prompted to the criminal’s webpage and will be told that their computer was affected by different viruses.
As a solution to this problem, security researchers have managed to get the sites offering the Sham Software Shut down.
According to the security firm Websense who has been tracking such kind of attack since it started on March 29, they have found out that more than 28,000 websites has been victimize by this scam and it continues to grow in numbers as it rolled on.
“Lizamoon Attack”, this is the name given by the security firm Websense because the first victim of this attack was directed into the domain named Lizamoon. The fake software that attack vectors have made is called the “Windows Stability Center”.
Security researchers have found out that such kind of link has managed to get into different sites by what is known as an SQL injection attack. Server Keeping Sites who do not filter the text being sent to them by web applications are most likely the target of the “Lizamoon Attack”.
Attack vectors tend to format the text correctly so that it is possible for them to hide instructions in it and then it is injected into the databases that the victimize website are running. The injected text will make a link that is meant to a particular domain that appeared as a re-direction link on the webpage of the attackers.
As of now, researchers have found out that the attackers are using the Microsoft SQL Server 2003 and 2005 to hit different sites. Further analysis also shows that attackers have managed to inject codes that provide link directed to 21 separate domains.
Security experts also admitted that this attack is the most successful SQL injection attack ever seen.
Most websites hit by this attack are small business, community groups, sports teams and other mid-tier organization.