SQL Injection Attacks Hit 70,000 WebsitesSQL Injection Attacks Hit 70,000 Websites
Automated attacks spread across government and education environments as well as commercial sites
January 8, 2008
An automated SQL injection attack has caused as many as 70,000 Websites to steer users toward malicious code over the last few days, according to researchers.
The automated attack hit a broad range of Websites, researchers said. "This was a pretty good mass-hack," said Roger Thompson, a researcher at Exploit Prevention Labs -- now a part of Grisoft -- in his blog. "It wasn't just that they got into a server farm, as the victims were quite diverse, with presumably the only common point being whatever vulnerability they all shared."
The SANS Institute's Internet Storm Center said the attack hit government and educational institutions as well as commercial sites. The SQL injection attack may also have played a part in the security problems experienced by Computer Associates over the weekend, SANS said.
Ironically, the attack was launched using an old client vulnerability, and it has been relatively easy to clean up, Thompson said.
"The only exploit we were able to [discover] was the venerable MS06-014 (MDAC) patched in September 2006," Thompson said. "What this means is that [the attackers] went to the trouble of preparing a good Website exploit, and a good mass-hack, but then used a mouldy [sic] old client exploit. It's almost a dichotomy."
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks