Thousands of legitimate sites SQL injected to serve IE exploit
"Once again confirming the trend of having more legitimate sites serving exploits and malware than purely malicious ones, Chinese hackers have been keeping themselves busy during the last couple of days, launching massive SQL injection attacks affecting over 100,000 web sites.
The SQL injection attacks serving the just patched Internet Explorer XML parsing exploit, are launched by several different Chinese hacking groups, and with several exceptions, are primarily targeting Asian countries which is a pretty logical move given the fact that it’s a password stealing malware for online games that is served at the bottom line.
Which is the most targeted country?
According to some stats from Symantec, China ironically remains the most actively targeted country by the IE exploit, ironically in the sense that it was Chinese researchers that leaked the exploit at the first place."
Read more: http://blogs.zdnet.com/security/?p=2328
A trend that will, no doubt, continue. I've been telling anyone who will listen "hackers" aren't just out there trying to steal your data. They're out there trying to ride your high click-stream! If you have a site that's high traffic you're a prime target to get injected like this so that malware purveyors can silently install trojans on your machine that'll deliver adware or other software in order for them to make money. It's a simple matter of economics...
Good post.
Posted by: Rafal | Dec 18, 2008 8:36:16 PM