ESET Threat Blog
David Harley

SQL Injection Attack Alert

by David Harley Senior Research Fellow
December 2, 2011 at 8:52 am

I've already mentioned this on the AVIEN blog, as it was an AVIEN member who first drew it to my attention, but a fairly dramatic SQL Injection attack has been flagged by the Internet Storm Center: it appears to resemble the lizamoon attack which was reported as affecting around a million sites earlier in the year.

Blocking the lilupophilupop.com site referenced in the injection string should prevent infection for the present, according to Mark Hofman, but there's much more information on the ISC diary entry – even the comments include some useful extra information.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow

.

This entry was posted on Friday, December 2nd, 2011 at 8:45 am and is filed under AVIEN, David Harley, SQL injection. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply

Share |
Subscribe by Email
To receive new posts automatically through email, enter your email address:

Delivered by FeedBurner

Blog Search
Categories
Authors
Tags
Adobe autorun Botnet Conficker Cybercrime Facebook google Malware Microsoft patch Phishing privacy SC Magazine Security Social Engineering Spam Stuxnet The Register Twitter Virus Bulletin
Archives

Switch to our mobile site