Members
  • Total Members: 12809
  • Latest: Dorel
Stats
  • Total Posts: 28474
  • Total Topics: 8238
  • Online Today: 885
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: LizaMoon.com SQL Injection attack affects 380k+ URLs... including Apple's iTunes  (Read 2485 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


This seems like the week for SQL Injection attacks. First, MySQL.com was attacked and passwords from the site were extracted and published on the web.


Now an attack called LizaMoon is running rampant throughout the internet and, according to the alert published by security company WebSense, has impacted over 380,000 unique URLs in the past few days.

One of the high profile sites that has been hit by the attack is Apple's iTunes, although the way the site handles the scripting tags appears to prevent the rogue code from running on a user's machine. If not properly secured, this could have been a big black stain on Apple's reputation.

Users who want to identify sites that have been impacted by the attack can use a simple Google search, replacing apple.com with the site of interest.

Quote
"src=http://lizamoon.com/ur.php" site:apple.com

The server that the script is redirecting users to is currently offline and not available to pings, but could be restarted at any time. Before the site was shutdown, the JavaScript redirected users to a fake antivirus site in an attempt to trick users into installing and running the software. The site was registered on March 25th to a James Northone and while the information about the domain is clearly falsified on the WebSense article, a current look at the domain now shows that the owner's address is in Plainview, NY. It's unclear if this information is now accurate or if the attacker simply made up fake information to prevent the authorities from shutting it down quickly.

Source
: http://newsapp.info/news/lizamoon-sql-injection-attack-affects-380k-urls/msg4820/#msg4820




Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising