 
|
|
In partnership with:
|
21 July 2008 Thousands of targeted sites “the tip of the iceberg”Rob Stringer Thousands of websites, including those of the NHS, government and many high-profile businesses have been compromised with SQL injection attacks. The attacks, discovered by Finjan, have employed a toolkit known as “Asprox”, which has been around for several years, gaining increasing popularity within cyber-crime. Asprox searches for webpages on Google containing the file extension [asp.] before launching the SQL injection attack, appending a reference to the malware file using the iframe tag. “We believe this is just the tip of the iceberg for the scope and impact of this attack” commented Yuval Ben-Itzhak, CTO of Finjan. “It shows again the resourcefulness and flexibility of cyber-criminals. It requires proactive security solutions to safeguard organisations against these kinds of mass web attacks.” Targeted sites included the official website of the government of the City and County of San Francisco, the official website of the University of California, The Baltimore Times and the official BMW site of Mexico. Related stories: Hackers target popular websites
|
|
