{"id":331,"date":"2011-04-01T13:16:55","date_gmt":"2011-04-01T17:16:55","guid":{"rendered":"http:\/\/goodwin.drexel.edu\/isensor\/drho\/?p=331"},"modified":"2011-04-01T13:16:55","modified_gmt":"2011-04-01T17:16:55","slug":"lizamoon-mass-sql-injection-attack-escalates-out-of-control-one-million-sites-compromised","status":"publish","type":"post","link":"https:\/\/shuyuanmaryho.com\/?p=331","title":{"rendered":"&#8216;LizaMoon&#8217; Mass SQL Injection Attack Escalates Out of Control &#8211;  one million sites compromised!"},"content":{"rendered":"<div class=\"fcbkbttn_buttons_block\" id=\"fcbkbttn_left\"><div class=\"fcbkbttn_button\">\n                            <a href=\"https:\/\/www.facebook.com\/\" target=\"_blank\">\n                                <img decoding=\"async\" src=\"https:\/\/shuyuanmaryho.com\/wp-content\/plugins\/facebook-button-plugin\/images\/standard-facebook-ico.png\" alt=\"Fb-Button\" \/>\n                            <\/a>\n                        <\/div><div class=\"fcbkbttn_like \"><fb:like href=\"https:\/\/shuyuanmaryho.com\/?p=331\" action=\"like\" colorscheme=\"light\" layout=\"standard\"  width=\"450px\" size=\"small\"><\/fb:like><\/div><\/div><p>Millions of unique URLs have been infected with a rampant SQL injection attack Websense has dubbed \u201cLizaMoon.\u201d The SQL injection attack redirects users to a fake AV site.<\/p>\n<p>A mass SQL injection attack that initially compromised 28,000 websites has spiraled out of control. At the last count, more than a million sites have been compromised, with no end in sight.<\/p>\n<p>Security firm Websense has been tracking the \u201cLizaMoon\u201d attack since it started March 29. The company\u2019s malware researchers dubbed the attack LizaMoon after the first domain that victims were redirected to. At the redirected site, users saw a warning dialog that they had been infected with malware and a link to download a fake antivirus.<\/p>\n<p>The users are shown a number of threats supposedly on their computer, but the fake AV, Windows Stability Center, won\u2019t remove them until the user pays up, in a \u201cvery traditional rogue AV scam,\u201d wrote Patrik Runald, the Websense researcher who has been following the attack over the past few days.<\/p>\n<p>The list of redirect URLs has ballooned in the days since, as Websense updated its list March 31 with 20 additional sites, making this one of the biggest mass-injection attacks ever. <\/p>\n<p>More than 500,000 URLs have been injected with LizaMoon, according to Runald. If all the domains used in the attack are considered, eWEEK found about 2.9 million results on Google Search that have been compromised.<\/p>\n<p>From eWeek: http:\/\/www.eweek.com\/c\/a\/Security\/LizaMoon-Mass-SQL-Injection-Attack-Escalates-Out-of-Control-378108\/ <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Millions of unique URLs have been infected with a rampant SQL injection attack Websense has dubbed \u201cLizaMoon.\u201d The SQL injection attack redirects users to a fake AV site. A mass SQL injection attack that initially compromised 28,000 websites has spiraled &hellip; <a href=\"https:\/\/shuyuanmaryho.com\/?p=331\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-331","post","type-post","status-publish","format-standard","hentry","category-the-latest-news-ideas-problems-strategies-and-tactics-in-securing-cyberspace-and-virtual-organizations-discussed-by-experts-in-industries-as-well-as-academia"],"_links":{"self":[{"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/posts\/331","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=331"}],"version-history":[{"count":0,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=\/wp\/v2\/posts\/331\/revisions"}],"wp:attachment":[{"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=331"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=331"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/shuyuanmaryho.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=331"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}