Security researchers from WebSense have detected a mass SQL injection attack
; 58,300 affected pages), which the cybercriminals monetize through scareware, also known as fake security software
. The attack has also affected several iTunes web pages.
From the perspective of the attacker, mass SQL injection attacks are highly beneficial from a blackhat SEO (blackhat search engine optimization) perspective, as they hijack both the affected web site’s page rank, including the SEO-friendly content that comes with it. Compared to malvertising attacks
, mass SQL injection attacks have declined in recent months, indicating a migration trend towards shorter, but more traffic-intensive windows of opportunities for malicious attackers to take advantage of thanks to malvertising.
Users are advised to use NoScript
, as well as go through the Ultimate Guide to Scareware Protection