"They have hit city websites, commercial sites and even government websites, " wrote Sans researcher Donald Smith.
"This type of injection pretty much voids the concept of 'trusted' or 'safe' websites."
Security firm F-Secure said that at least 510,000 pages have fallen victim to the attack.
The compromised sites have been embedded with code that redirects the user to a third-party site at which eight different exploits attempt to install a password-stealing Trojan.
F-Secure and Sans Institute urged administrators to block access to the domains hosting the malware exploit.
The Sans Internet Storm Center recommended blocking access to hxxp:/www.nihaorr1.com and the IP it resolves to 219DOT153DOT46DOT28 at the edge or border of the network.
F-Secure also recommended that administrators of hosting servers check their logs for possible attacks.
The outbreak is the latest in a rash of large-scale attacks this year. In March, a pair of attacks, one infecting 10,000 pages and another compromising 200,000 pages, were uncovered by researchers.
SQL attack hits 500,000 websites
By
Shaun Nichols
on Apr 26, 2008 3:56PM
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Kaseya Dattocon APAC 2024 is Back
Channel can help lead customers to boosting workplace wellbeing with professional headsets
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Sponsored Whitepapers
-1.jpg&w=100&c=1&s=0)
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
.png&w=100&c=1&s=0)
