01/25/2009

2008 and injection attacks

In 2008 we saw a new way of infecting users with malware. First thousands of websites were injected with redirect or download links to malware and afterwards they just had to wait and count the downloads. The problem was that any website was attacked with the injection-exploit, so it was only when you had a good security on your computer that you could be more or less protected because the websites could be very normal.

For this reason it is important in 2009 to control your website on the possibility of injection attacks before launching it.

11/08/08 12:22 A belgian online marketingconsultancy.be that is infected/injected
11/08/08 09:11 More infected - injected virusdistributing belgian websites
09/08/08 23:03 More sites injected thanks to a botnet
09/08/08 22:53 And another injection script going round http://www.jve4.ru/ngg.js
09/08/08 22:49 Skynet website and newspaper infected with new dangerous injection 
08/08/08 00:15 The number of Belgian sites that can be injected is hilarious .....
05/06/08 11:46 injected scripts .en-us18.com
04/06/08 12:52 another injection attack on .be domain banner82.com
04/06/08 12:49 new injection attack on .be domains adw95.com 
02/06/08 17:44 Belgian Sites that have chinese redirect scripts injected
02/06/08 17:32 the ongoing injection attacks - a blocklist 
16/05/08 15:29 Google blocks some sites that were injected with javascript 
16/05/08 15:36 New way to inject javascript in a site : change the emaillink 
07/05/08 13:20 Why doesn't Google protect us against all those new sql injection attacks 
02/05/08 18:23 Do you need Chinese traffic ?
02/05/08 18:21 chinese attacks against Belgian infrastructure
24/04/08 23:26 International organisations like UN and Unctad infected / injected 
19/04/08 21:06 Mass attack against 10.000 plus sites is a still ongoing sql attack thanks to Google 
28/03/08 22:19 IFRAME attack continues - update and Belgian infected sites
17/03/08 16:48 this is the injected script in more than 10.000 sites
14/03/08 17:42 Urgent block list to malware serving sites from this and other campaigns
14/03/08 17:17 BIG ALERT Thousands of normal websites infected
07/03/08 10:05 What happens if a travelsite gets injections 
27/01/08 23:09 An ISO certified initiative sponsered by our government has injection problems 
20/01/08 16:59 If you have a SQL database you should test it because 
18/01/08 14:18 This is the list of infected sites they can't desinfect untill now
18/01/08 14:16 this is worse than a zeroday and so 2008 starts very badly
14/01/08 09:34 Still thousands of sites victim of jan 08 mass sql injection attack 

Permalink | |  Print |  Facebook | | | | Pin it! |