By Robert McMillan
IDG News Service
June 9, 2010
Internet users have been hit by a widespread Web attack that has
compromised thousands of Web sites, including Web pages belonging to the
Wall Street Journal and the Jerusalem Post.
Estimates of the total number of compromised Web sites vary between
7,000 and 114,000, according to security experts. Other compromised
sites include Servicewomen.org and Intljobs.org.
Cisco Systems' Web-tracking subsidiary, ScanSafe, started following the
incident two days ago, said Mary Landesman, a senior security researcher
with Cisco. Somehow, the hackers have posted malicious HTML code on the
affected Web sites that redirects victims to a malicious Web server.
This server tries to install software on Web visitors' computers. If
it's successful, the software gives the criminals a way to remotely
control their victims' PCs.
Security researchers are still gathering data on the attacks, but they
suspect that hackers used what's known as an SQL injection attack to
trick the Web sites into running database commands, which ultimately
gave the hackers a way of installing their malicious HTML.
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com