Fake Security Alert Brings Down Tens Of Thousands Of Web Sites

X

High tech criminals have crashed hundreds of thousands of web sites around the world including Australia, according to security research company Websense.

Using fake securtity software, the criminals attack web sites by sending out a piece of code, that generates a fake security alert that exploits security loopholes on other sites.

The criminals then insert a link to the website so that visitors to the infected sites are prompted with a message telling them that they have a virus on their computer.

Patrik Runald, senior manager for security research at Websense said that the scale of the attack was “worrying”

The BBC said that  Websense has been tracking the attack since it started on 29 March. The initial count of compromised sites was 28,000 sites but this has grown to encompass many times this number as the attack has rolled on across several Countries.

Websense dubbed it the Lizamoon attack because that was the name of the first domain to which victims were re-directed. The fake software is called the Windows Stability Center.

The re-directions were carried out by what is known as an SQL injection attack. This succeeded because many servers keeping websites running do not filter the text being sent to them by web applications.

The fake security software warns about non-existent viruses on victims’ PCs

By formatting the text correctly it is possible to conceal instructions in it that are then injected into the databases these servers are running. In this case the injection meant a particular domain appeared as a re-direction link on webpages served up to visitors.

 

Early reports suggested that the attackers were hitting sites using Microsoft SQL Server 2003 and 2005 and it is thought that weaknesses in associated web application software are proving vulnerable.

Ongoing analysis of the attack reveals that the attackers managed to inject code to display links to 21 separate domains. The exact numbers of sites hit by the attack is hard to judge but a Google search for the attackers’ domains shows more than three million weblinks are displaying them.

Security experts say it is the most successful SQL injection attack ever seen.

Generally, the sites being hit are small businesses, community groups, sports teams and many other mid-tier organisations.

Currently the re-directs are not working because the sites peddling the bogus software have been shut down.

Also hit were some web links connected with Apple’s iTunes service. However, wrote Websense security researcher Patrick Runald on the firm’s blog, this did not mean people were being redirected to the bogus software sites.

“The good thing is that iTunes encodes the script tags, which means that the script doesn’t execute on the user’s computer,” he wrote.

728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
PAN2664 ChannelNews Banner CM3 728x90px V1 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Whatmough 728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Emberton III BLACK 728x90 without CTA@2x Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Leaderboard 728x90 1 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
hitachi banner 728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Middleton 728x90px Product Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
BlueAnt 4SQM X5iPartySpeaker 728x90px Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Flick of a switch 728x90 1 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
4SquareMedia 728x90 scaled Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Haier 728x90 1 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
05 Channel New Banner T30S COMBO 728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
240215 SAV R Volution CNewsFeb Leaderboard 1 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
728X90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
QUEEN 728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
iP16 4SQRmedia 970 x 90 px 03 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
728x90 Iconic Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Martin Logan 728 x 90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Litheaudio 728x90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
ARLO MG3 2024 Banner 728x90px Fake Security Alert Brings Down Tens Of Thousands Of Web Sites
Belkin Screen Protection 728 x 90 Fake Security Alert Brings Down Tens Of Thousands Of Web Sites


YOU MAY ALSO LIKE