[Owasp-singapore] Mass SQL injection attacks still scaling up

Wong Onn Chee ocwong at usa.net
Thu Aug 27 22:14:09 EDT 2009


"The mass SQL injection
<http://www.scmagazineus.com/search/SQL+injection/> attacks that gained
earlier this week are continuing, with some 210,000 pages infected so far.

All of the attacks are coming from IP addresses based in China, "

"The attack works in two stages. The first is to *infect the target web
pages*, and then *when visitors browse to the infected pages, malware is
downloaded to their machines*."

Onn Chee: Again the malware is usually not hosted on the target web servers.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20090828/83789a57/attachment.html 

More information about the Owasp-singapore mailing list