A massive SQL injection called Lizamoon is blazing through the internet, infecting more than half a million domains around the world to date and as many as 1.5 million URLs.
The attack initially hit around 50,000 domains when it emerged earlier this week, by using an automated JavaScript injection that targets vulnerable websites. Compromised sites then redirect visitors to malware and scareware-infected domains.
The first malware-filled domain to surface was lizamoon.com, after which the attack was subsequently named. It was responsible for infecting thousands of victims, but is currently offline. Researchers have identified others that are being used in its place.
For more on this ZDNet UK-selected story, see Lizamoon attack soars, but Oz suffers little on ZDNet Australia.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.
Join Discussion