Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Mass SQL injection attack leads to scareware


01 Apr 2011   #1

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 
Mass SQL injection attack leads to scareware

Quote:
Security researchers from WebSense have detected a mass SQL injection attack (hxxp://lizamoon.com; 58,300 affected pages), which the cybercriminals monetize through scareware, also known as fake security software. The attack has also affected several iTunes web pages.

More details:
The way iTunes works is that it downloads RSS/XML feeds from the publisher to update the podcast and list of available episodes. We believe that these RSS/XML feeds have been compromised with the injected code. The good thing is that iTunes encodes the script tags, which means that the script doesn’t execute on the user’s computer. So good job, Apple.The URL that is injected is unavailable right now, but the server is still up and running, so that could change at any time. While it was up, the script contained simple JavaScript code that redirected the user to a well-known Rogue AV site: hxxp://defender-uqko.in. That site is also unavailable right now, so we don’t have the actual binary analysis information available yet.
From the perspective of the attacker, mass SQL injection attacks are highly beneficial from a blackhat SEO (blackhat search engine optimization) perspective, as they hijack both the affected web site’s page rank, including the SEO-friendly content that comes with it. Compared to malvertising attacks, mass SQL injection attacks have declined in recent months, indicating a migration trend towards shorter, but more traffic-intensive windows of opportunities for malicious attackers to take advantage of thanks to malvertising.

Users are advised to use NoScript, as well as go through the Ultimate Guide to Scareware Protection.
Read more:

Mass SQL injection attack leads to scareware | ZDNet


My System SpecsSystem Spec
.

03 Apr 2011   #2

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

Quote:
Will LizaMoon Impact Me?

No. It shouldn't. The malicious code injected by LizaMoon redirects visitors from the compromised intended destination to an alternate site pushing rogue antimalware protection. You will see a pop-up warning that your PC is infected. Click OK, and the malicious code performs a fake scan of your system indicating a number of detected malware threats. If you click "Remove All" to eradicate the non-existent threats, you will instead download the real malware--the rogue AV software.
Source

A Guy
My System SpecsSystem Spec
Reply

 Mass SQL injection attack leads to scareware




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 05:38 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33