Trojan Buzus Attack Passes 1.5 Million Infected Sites

A widlfire-fast SQL injection that started picking up speed last week hasn't slowed down. Last week's hundreds of thousands of compromised sites have grown to more than 1.5 million, eSoft reports.The buzus Trojan started gathering more attention -- and more infected sites -- late last week.

According to security firm eSoft, the Trojan has now compromised more than 1.5 million Web sites.

The SQL injection attack blends a variety of infected iframes with redirects to ultimately put information-stealing Trojans in place. The Buzus (aka Buzuz) family of Trojans is well-known for its affinity for financial information and passwords.

This one is not just moving fast, it's mutating -- under the control of its authors -- fast. Time to tighten and re-tighten defenses, limit unnecessary Web surfing, and make sure -- double-sure -- that every one of your employees are doing the same.