This is cache of http://feeds.feedburner.com/~r/DanchoDanchevOnSecurityAndNewMedia/~3/298464633/yet-another-massive-sql-injection.html. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
Yet Another Massive SQL Injection Spotted in the Wild
2008-05-26 10:58:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
 
Another SQL injection attack was spotted in the wild during the last couple of hours, and while it continues remaining active, surprisingly, the malicious domain is not in a fast-flux. As I've already pointed out, the upcoming SQL injection attacks for the next couple of months, will be primarily executed by copycats, where among the few differentiation factors left is increasing the survivability of the domain.

In the particular attack, the injected domain chliyi.com /reg.js loads an iFrame to chliyi.com /img/info.htm where a VBS script attempts to execute by exploiting MDAC ActiveX code execution (CVE-2006-0003), whose detection rate is 1/32 (3.13%) and is detected as Mal/Psyme-A. Approximately, 8,900 sites have been affected.
 
Tags: domain, domain chliyi, attack, sql injection attack, vbs script attempts, chliyi, malicious domain, sql injection attacks, differentiation factors
 
 
 
 
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia