Hackers jack thousands of sites, including U.N. domains
It's a repeat of earlier attacks that relies on an SQL injection, says Websense
"They're using the same techniques as last month, of an SQL injection of some sort," said Dan Hubbard, vice president of security research at Websense Inc., referring to large-scale attacks that have plagued the Internet since January.
Among the sites hacked were several affiliated with either the U.N. or U.K. government agencies, said Websense.
The exact number of sites that have been compromised is unknown, said Hubbard. He estimated that it's similar to the March attacks, which at their height infected more than 100,000 URLs, including prominent domains such as MSNBC.com.
"The attackers have now switched over to a new domain as their hub for hosting the malicious payload in this attack," Websense said in an alert posted yesterday to its Web site. "We have no doubt that the two attacks are related."
"Once loaded, the file attempts eight different exploits," noted the Websense warning, including one that hits a vulnerability in Internet Explorer's handling of Vector Markup Language (VML) that was patched in January 2007.
Maone also said "I told you so" in his blog post yesterday. In an August 2007 entry, he had said that rather than fixing the underlying security problems on the U.N. site, the agency had simply deployed a "pretty useless" firewall that masked the most obvious attack surface.
However, even the disinfected sites could fall victim again, Maone maintained. "The sad truth, though, is that even those 'clean' sites are still vulnerable, hence they could be reinfected at any time," he said.
"Web site owners have to start securing their code," Hubbard noted.
Read more about Security in Computerworld's Security Topic Center.
- Securing Mobility, From Device to Network At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Need to Replace MS Threat Management Gateway? Read this article to learn how F5's Secure Web Gateway solution provides a full set of features that can help you successfully migrate...
- The Shortfall of Network Load Balancing Applications running across networks encounter a wide range of performance, security, and availability challenges as IT department strive to deliver fast, secure access...
- Leave No App Behind with Software Defined Application Services F5 Software Defined Application Services (SDAS) is the next-generation model for delivering application services that enables service injection, consumption, automation, and orchestration across...
- Live Webcast IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Networking White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!