An attack that started on Tuesday and affected more than 25,000 sites is being tracked by security firm websense.
The attack, which websense has called the Lizamoon attack after the name of the first domain users were redirected to, uses SQL injection which is a trick used by hackers to inject code into servers by giving SQL commands through a text input source on the page.
After visiting a compromised site users are falsely warned that they have been infected with viruses and attempts to redirect them to a site where they can download a fake anti-virus program called Windows Security Center, to remove the fake threats from their computer, for a small fee of course.
The attack style and it’s intended goal of getting users to pony up their credit cards to fix a false threat, are not new. However researchers at websense are still stumped as to how the attacks are happening and how it spread so out large so fast.
All the re-direct sites have been taken down thanks to websense’s quick action to close their servers. So now the attacks just lead users to empty, shut down pages.
Source: eweek
No comments:
Post a Comment