Widespread Web Attack Infects Thousands of Legitimate Sites

Dennis Faas's picture

Thousands of legitimate websites have fallen victim to a widespread web attack.

While the full extent of the attacks remain unknown, security analysts suspect that the hackers used what is called an "SQL injection attack" in an attempt to fool legitimate web sites into running malicious database commands. In short, the attack injects malicious HTML content into a web browser while users are viewing an otherwise legitimate site.

If the malware is successfully installed, it opens a gateway which allows hackers to remotely control a PC. (Source: networkworld.com)

Up to 114,000 Sites Compromised

Initial estimates of the total number of compromised sites vary: researchers at security firm ScanSafe believe that 7,000 sites have been compromised, while analysts at Sucuri Security believe that as many as 114,000 sites have been attacked. (Source: computerworld.com)

This particular web attack is being called the worst since a large number of wordpress-based sites were hacked back in April.

Only Specific Pages Compromised

The silver lining (if you consider it a silver lining) is that the reported sites are not completely compromised. On larger web destinations, for example, attackers can only corrupt certain pages. The reason for this limited access is because some hackers do not attempt a direct attack on the entire website. Rather, they attack a partner site (like an advertising company) that is allowed to post on certain pages.

In response to this, HP and Microsoft have released a free tool called Scrawlr that allows users to check their websites for SQL injection vulnerabilities. Scrawlr will have to suffice for the time being, until security researchers can stop what appears to be a growing security problem.

Rate this article: 
No votes yet