125,000-Plus Sites Tagged by SQL Injection Attack

Friday Dec 11th 2009 by Datamation.com Staff

A new and fairly complex SQL injection attack that began in late November has already contaminated more than 125,000 Web sites with a Trojan known to harvest credit card and other banking information.

According to Internet security and monitoring firm ScanSafe, the injected iframe loads the first stage of malicious code from 318x.com. Then, a series of iframes and code redirections that are invisible to the user culminate with the silent installation of the offending code, Backdoor.Win32.Buzus.croo from windowssp.7766.org.
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved