Search Perform an advanced search query SOFTPEDIA
 
SOFTPEDIA
Updated one minute ago
HomeSubmit a program for being reviewedAdvertise on our websiteGet help on surfing our websitesSend us your feedbackGet information about our XML/RSS backend and how to use itBrowse the news archiveVisit our discussion forumVizitati forumul in limba romana



KLIP
  1. HOME
  2. SCIENCE
  3. TECHNOLOGY
  4. WEBMASTER
  5. SECURITY
  6. MICROSOFT
  7. LINUX
  8. APPLE
  9. GAMES
  10. TELECOMS
  11. REVIEWS
  12. LIFE & STYLE
  13. EDITORIALS
  14. INTERVIEWS
  15. RSS
Welcome!
Hello, Guest

Login if you have a Softpedia.com account.

Otherwise, register for one.

INCIDENTS

New SQL Injection Worm Found Loose on the Web

- 4,000 websites have been reported to be infected

By: Traian Teglet, Technology News Editor

Not long after a mass attack JavaScript injection was reported to have infected hundreds of thousands of websites, a new SQL injection Worm was found loose on the web. According to the ISC
(Internet Storm Center) website, a total of 4,000 websites have been found infected, after a quick run at a Google search. The report on the above mentioned site clearly states that is unwise to visit the websites mentioned as being infected. They are to be considered dangerous and harmful for your own computer.

The domain name "winzipices.cn" can be found in all of the infected websites HTML source. Searching for the above mentioned domain, on a Google search engine, can get your computer infected, even if you are looking at the "cached" page. It seems that the worm was started somewhere in mid-April, if not earlier. At the moment, the fellows at ISC can provide users with a specific information about how the worm gets into the victims’ databases. All they can say is that the worm puts in some scripts and iframes capable of taking visitors to the infected websites.

Users who have reached these infected sites have most likely been infected through a general vulnerability found in the Real Player. Users are to keep their computer software up-to-date, in order to ensure that they aren't affected by the new threat.

Shadowserver.org has detailed how the new threat is working with specific details. Like ISC, the fellows at Shadowserver.org have specifically informed their users NOT to visit any of the presented websites. If the exploits are successful, the users' PCs will be infected with a file dubbed "test.exe", which downloads from a specific IP address, also found on the above mentioned website. The downloaded malware application seems to react in a manner similar to other Chinese malware applications.

MORE RELATED ARTICLES: Military Servers Vulnerable to Trojan Attacks F-Secure Debuts Internet Security 2009 Beta Hackers Compromise Webcams to Spy on Teens Troj/Dloadr-BKU - Yet Another EXE Downloader Duncan MacMalware, the New Online Highlander Honest Hacker Cracks F1 Malaysian Site
 
Comments | Link here | Subscribe
Print | Send to friend
Today's News | Yesterday's News

Search:

TAGS: SQL injection worm malware

8th May 2008, 14:28 GMT | Copyright (c) 2008 Softpedia | Contact:
Read by 390 user(s) | Rating: | 2 vote(s) so far | Cast your vote:
New SQL Injection Worm Found Loose on the Web - USER OPINIONS




We are sorry, there are no opinions available for this article.


SHARE YOUR OPINION ABOUT New SQL Injection Worm Found Loose on the Web

Since you are not logged on, your comments will have to be approved before being displayed.
Click here to login, or register.
Your Name:
Your Email:
Type in the result:
Your Opinion:
 


DO YOU WANT TO CONTACT US?  

If you have some comments or you want to send us some information you can send us an email directly to .
You can use the form below for the same purpose.
Your full name: (at least 3 characters)
Your email address: (at least 5 characters)
Message subject: (at least 5 characters)
Message text:
(at least 10 characters)
Type in the result:
 
 
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and Softpedia™ logo are registered trademarks of SoftNews NET SRL.
Copyright Information | Privacy Policy | Terms of Use | Contact Softpedia | Update your software | Archive