04-26-2008, 08:33 AM
Quote: The sophisticated mass infection that's injecting attack code into hundreds of thousands of reputable web pages is growing and even infiltrated the website of the Department of Homeland Security.
While so-called SQL injections are nothing new, this latest attack, which we reported earlier, is notable for its ability to infect huge numbers of pages using only a single string of text. At time of writing, Google searches here, here and here showed almost 520,000 pages containing the infection string, though the exact number changes almost constantly. As the screenshot below shows, even the DHS, which is responsible for protecting US infrastructure against cyber attacks, wasn't immune. Other hacked sites include those belonging to the United Nations and the UK Civil Service...
full article: http://www.theregister.co.uk/2008/04/25/...ack_grows/
more:
Quote: Websense, which wrote about the mass infection Tuesday, said the attackers perpetrated a similar assault a few weeks ago on news and travel sites. Little is known about the group responsible, except that they're using the nihaorr1.com domain name, which appears on the surface to be registered to someone in Shanghai.
Users visiting an infected site will be redirected to a series of sites that eventually tries to exploit eight different vulnerabilities, all of which have been patched.
We've written plenty about vulnerabilities in browsers, media players and other types of software that are triggered only after the mark visits a website under the control of the attacker...
full article: http://www.theregister.co.uk/2008/04/24/...eb_attack/