Bots Use SQL Injection Tool in Web Attack
"The Asprox botnet, a relatively small botnet known mainly for sending phishing emails, has been spotted in the last few days installing an SQL injection attack tool on its bots. The bots then Google for .asp pages with specific terms -- and then hit the sites found in the search return with SQL injection attacks, says Joe Stewart, director of malware research for SecureWorks, who has documented his findings on the attack.
Stewart says the Asprox botnet’s SQL injection attack is likely a copycat of the recent SQL injection Website attacks from China, which deliver a Trojan that steals online gaming passwords. But this is the first SQL injection attack Stewart has seen using a botnet and a toolkit to do the dirty work. Asprox so far has infected over 1,000 Websites this way, he says.
“I’ve seen bots get other types of infection tools, but not SQL injection” tools, Stewart says. “It’s almost like they noticed the Chinese[-based] attack and copied their code into their own binary for their own attack... The hacks are so similar to the way the other SQL injection attacks are going." - DarkReading
Article Link: http://www.darkreading.com/document.asp?doc_id=153921&WT.svl=news1_2
Comments
All Comments are Moderated and will be delayed!
Post a comment
Verify your Comment
Previewing your Comment
Posted by: |
This is only a preview. Your comment has not yet been posted.
The letters and numbers you entered did not match the image. Please try again.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.