AOH :: ISNQ6379.HTM

Mass Web attack hits Wall Street Journal, Jerusalem Post

Mass Web attack hits Wall Street Journal, Jerusalem Post
Mass Web attack hits Wall Street Journal, Jerusalem Post


http://www.computerworld.com/s/article/9177904/Mass_Web_attack_hits_Wall_Street_Journal_Jerusalem_Post 

By Robert McMillan
IDG News Service
June 9, 2010

Internet users have been hit by a widespread Web attack that has 
compromised thousands of Web sites, including Web pages belonging to the 
Wall Street Journal and the Jerusalem Post.

Estimates of the total number of compromised Web sites vary between 
7,000 and 114,000, according to security experts. Other compromised 
sites include Servicewomen.org and Intljobs.org.

Cisco Systems' Web-tracking subsidiary, ScanSafe, started following the 
incident two days ago, said Mary Landesman, a senior security researcher 
with Cisco. Somehow, the hackers have posted malicious HTML code on the 
affected Web sites that redirects victims to a malicious Web server. 
This server tries to install software on Web visitors' computers. If 
it's successful, the software gives the criminals a way to remotely 
control their victims' PCs.

Security researchers are still gathering data on the attacks, but they 
suspect that hackers used what's known as an SQL injection attack to 
trick the Web sites into running database commands, which ultimately 
gave the hackers a way of installing their malicious HTML.

[...]


_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com

Site design & layout copyright © 1986- CodeGods