Mass website hack aimed at online gamers
According to the latest analysis, the mass web site hacks which have been showing up over the last week are aimed at stealing access credentials for online games. The hackers' most prominent victims serving the malware have been the Wall Street Journal and the Jerusalem Post web sites.
The hacked web servers are all Microsoft Internet Information Server (IIS) and ASP-NET-based, but analysis by a number of security services providers has shown that the attacker has used SQL injection vulnerabilities in custom web applications to hack the websites. Administrators are advised to check their systems for any signs of interference and tampering.
According to web application firewall vendor Armorize, the attackers proceeded according to a careful plan. Prior to the SQL injection, scripts were used to probe sites for vulnerabilities and vulnerable systems were then infected with the zero day exploit. Armorize says that this was achieved using techniques for bypassing web application firewalls.
A Chinese group known as dnf666, which was also responsible for a major SQL injection attack in March, appears to be behind the attack.
- Adobe releases final version of Flash Player 10.1, a report from The H.
- Exploit for new Flash vulnerability spreading fast, a report from The H.
- Zero-day vulnerability in Adobe Flash Player, Reader and Acrobat, a report from The H.
- Another mass attack on websites, a report from The H.