Printed from www.pcpro.co.uk
Silent Love China attack hits 9,000 Western websites
Posted on 20 May 2008 at 11:59
A new round of SQL injection attacks that are believed to have been launched from China have compromised more than 9,000 Western websites.
Click here to read the NEW PC Pro blog
The large-scale attacks only began on Saturday, but by Monday morning more than 7,000 websites had been affected, according to security firm ScanSafe.
A Google search conducted at the time of publication reveals that more than 9,000 sites have now been hit.
The attacks inject an iframe which loads malicious content from qiqigm.com, a domain that was only registered last Friday, a day before the attacks were first recorded.
RealPlayer and Internet Explorer vulnerabilities are targeted by the attacks which, if successful, lead to the installation of a password-stealing Trojan. The phrase "Silent love China" is also buried in the exploit code.
ScanSafe's senior security researcher, Mary Landesman, says the attacks are targeted at English-language websites, with Chinese government websites specifically excluded.
Author: Barry Collins
advertisement
- Microsoft shows courage at Tech-Ed 09
- PowerPoint and Silverlight: a perfect match?
- Why all the fuss over Windows Explorer?
- Your iPhone has a virus? Well it's your fault
- Motorola pays Lucas for its Droid
- Where are the killer apps for Windows?
- Will you hit the Orange iPhone "unlimited" cap?
- USB 3 first benchmark - it's here, and it's fast
- Why Windows 7 has forced me to worry about security
- How Dixons is (under)selling Windows 7
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
- Building a better Google
- Beware HP's horrendous printer-driver glitch
- Microsoft debuts free Morro antivirus package
- Getting started with Search Server 2008 Express
advertisement
