Remember meForgot password?
    Log in with Twitter

article imageMore than 500,000 websites compromised by cyber attack

By Kev Hedges     Apr 1, 2011 in Internet
A massive cyber attack on hundreds of thousands of websites which compromises security and then links to its suspicious website has been shut down by security researchers.
Those who visited the suspect links were told their machines were infected with viruses. The attack started on March 29 (Tuesday) and at first security research teams found 28,000 sites had been compromised. However, this figure has increased ten-fold and more as the attack gathers pace.
On Thursday, security blog site Websense said the campaign is still going and could have now infected a million URL's. The security site have been tracking the cyber attack since it started on March 29 and they say they "fear the attack is even bigger than we originally thought".
It has been dubbed the Lizamoon attack because that was the name of the first domain to be misdirected. The re-directions were carried out by what is known as an SQL injection attack, which is where a code injection technique exploits a security issue present within an application.
Computerworld counts the attack as among the most widespread mass-injection attack on record.
The online music store iTunes is one of the more well-known sites to have been affected but fortunately iTunes encodes script tags, which means that the script doesn't execute on the user's computer, reports blogger Patrick Runald of Websense. Most sites affected tend to be mid-tier domains hosting sports teams, local bands, small businesses and community groups.
Currently the re-directs are non-operational because the sites peddling the bogus software have been shut down.
More about Cyber attack, Computer virus, Security software
Latest News
Top News