Beijing time on April 2nd morning news, called LizaMoon malicious code from SQL in March 29th is sweeping the globe. Although the major portals safe, but thousands of small sites have been affected. The hacker practices sophisticated, they inject code into the site, and then redirect the user to a fraudulent software sales site. Network security experts said the repair work will take some time.
first discovered the attack was the technology security company Websense. Earlier this week, researchers were first driven by malicious code to fraudulent websites. According to their assessment, the attack is the largest ever, hackers are running through the Internet behind the database server, the successful injection of malicious code. Websense called the attack "LizaMoon". Currently affected by the majority of small sites, there is no evidence that the mainstream companies or government websites were invaded.
Websense senior manager Patrick · Ronald (Patrik Runald) explained that, when the user access is attacked ", they can see themselves redirected to another website, if the user closes the window, will not be affected.
But if the
page address user is infected in type not timely close the window, or click on the infected with malicious code links, they are oriented "will display a warning message" Windows stability center ", to inform the user that their computer has a problem, and urged them to buy software for repair. But this is a fake Microsoft security product.
Websense analysis, this website looks by sophisticated hackers to get money, but it is not clear whether the hacker has when the user pay, on their computer implanted in malicious software, or in operation when the user put their information and identity theft fraud association.
Websense points out that the quality of the fraud site looks good, but it’s obviously fake. Microsoft is not known as Windows stability center products. Microsoft did not comment on the attack in a timely manner.
Apple Corp iTunes services on a number of podcasts (video sharing) content of third party sites under attack. But Apple seems to have stopped running malicious links. Websense said Apple has yet to comment.
this attack may take some time to be controlled repair, because the researchers need to identify the software to be attacked, and then the site operator to install the repair software.
Ronald explained that the impact of such attacks will continue for a long time, once the code into the software, it will remain in the software, so LizaMoon will not disappear overnight. (Qiao Lin)