Over 1.5 million pages affected by the recent SQL injection attacks

Summary:In an attempt to mitigate the impact of the recent waves of SQL injection attacks, and provide more transparency into the approximate number of affected pages, the Shadowserver Foundation is starting to maintain a list of all the malicious domains used in the continuing efforts by copycats to inject as many legitimate sites as possible. Currently counting over fifty malicious domains, and the corresponding number of affected pages by them, the total number is just over 1.

In an attempt to mitigate the impact of the recent waves of SQL injection attacks, and provide more transparency into the approximate number of affected pages, the Shadowserver Foundation is starting to maintain a list of all the

The Shadowserver Foundation
malicious domains used in the continuing efforts by copycats to inject as many legitimate sites as possible. Currently counting over fifty malicious domains, and the corresponding number of affected pages by them, the total number is just over 1.5 million.

Needless to say to stay away from these domains if you don't know what you're doing. The Shadowserver's announcement :

"Below is a list of domains used in the mass SQL injections that insert malicious javascript into websites. We've also included an approximate number of pages infected (according to Google). Note that these numbers decay with time. Some of these domains were injected long ago and have been cleaned. At their height, their numbers may have been larger."

Despite that some of the malicious domains are down, or in a process of getting shut down, as long as the long tail of SQL injection attacks is possible due to vulnerable sites at the far corner of the Web, the bad guys would simple keep re-introducing new domains within, or emphasize on increasing their life cycle by fast-fluxing them as we've already seen this happen.

Topics: Malware, Security, Software

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.