News From, (One of The Many) “Guardians of Reality!”

LizaMoon “SQL Injection Attack”

LizaMoon “SQL Injection Attack”
Millions of unique URLs have been infected with a rampant SQL injection attack Websense has dubbed “LizaMoon.” The SQL injection attack redirects users to a fake Anti-Virus website.

A mass SQL injection attack that initially compromised 28,000 Websites has spiraled out of control. As of M the last count, more than a million sites have been compromised, with no end in sight.

Security firm Websense, has been tracking the “LizaMoon” attack since it started March 29. The company’s malware researchers dubbed the attack LizaMoon after the first domain that victims were redirected to. At the redirected site, users saw a warning dialog that they had been infected with malware and a link to download a fake antivirus.

The users are shown a number of supposed threats on their computer, but the fake AV, Windows Stability Center, won’t remove them until the user pays up, (as in typical, mafia-style, AV scams).

Considering the large number of sites infected, users all around the world are affected, with victims in the United Kingdom, Kuwait, India, Australia, Turkey, Brazil, Israel, Mexico, Taiwan and Chile, among others, according to figures from Websense Threatseeker Network. The bulk of the victims, at 47 percent, appear to be from the United States.

The domains used in this attack, including the redirect URLs and the server where the malware is hosted, are all associated with one of four IP addresses. While the 20 (or so) domains being used as the redirect URL rotate between two IP addresses, there are more than 120 India-based or Cocos Island-based domains all pointing to one malware host server, and 50 India-based domains going to another.

The domains have all been registered, using automatically registered accounts at Gmail. The first domain on the list, was registered as far back as October 2010, and new domains have been added since LizaMoon exploded.

Google Search: “LizaMoon ‘SQL Injection Attack’

As ALWAYS, (While Computing W/Your Puter)
To Avoid These Types of Viruses, Trojans, or Worms:

From; “Windows Secrets
LizaMoon Infection: A Blow-by-blow Account


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s