Lilupophilupop Attack Going On (More Than 1 Million Web-pages Are Infected)

Security researchers from Internet Storm Center (ISC) have figured out an ongoing mass SQL-Injection attack. It was discovered in December 2011 and that time it was found that only 80 pages ware infected but now it has became 1Million+. The attack was named lilupophilupop because it redirected users to a domain with that name. 
The attackers compromise sites via SQL injection with this string: ">. It appears to have hit sites worldwide, with the most infections in The Netherlands "NL" domain, with 123,000, and includes some .com and .org sites, as well. 

Here Is a Rough Idea of Where The Pages Are :- 
  • UK - 56,300
  • NL - 123,000
  • DE - 49,700
  • FR - 68,100
  • DK - 31,000
  • CN - 505
  • CA - 16,600
  • COM - 30,500
  • RU - 32,000
  • JP - 23,200
  • ORG - 2,690
If you want to find out if you have a problem just search for "<script src="" in google and use the site: parameter to hone in on your domain. 
Mr Mark Hofman of ISC said “Typically it is inserted into several tables.  From the information gathered so far it looks targeted at ASP, IIS and MSSQL backends, but that is just speculation.  If you find that you have been infected please let us know and if you can share packets, logs  please upload them on the contact form.”


Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

Categories: ,
Related Posts Plugin for WordPress, Blogger...