Submitter

ScanSafe warns that over 50,000 legitimate sites have been hit by a new SQL injection attack, reports V3.co.uk.

The attack inserts a malicious iframe on the sites. Users that visit the sites will unknowingly download what ScanSafe is calling

“a potent Trojan cocktail consisting of backdoors, password stealers and a downloader.”

Smaller businesses seem to be targeted as they don’t have the aggressive support staff of enterprises. ScanSafe senior security researcher Mary Landesman encourages SMBs to research information on how to protect against SQL injection attacks.

“There is a great deal of information available to small web site operators. It’s not something you need to hire expensive consultants to help with. If you’ve got moderate computer skills and can read and follow instructions, that should be enough, at least in terms of SQL injection attacks.”

Tags: business technology, network security, scansafe, smbs, sql injection attack, trojans

This entry was posted on Tuesday, August 25th, 2009 at 11:30 pm and is filed under Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.