Lizamoon malware attacks 1.5 million websites

A major SQL injection is infecting half a million domains worldwide, which is causing sites to redirect visitors to malware and scareware-infected domains

A massive SQL injection called Lizamoon is blazing through the internet, infecting more than half a million domains around the world to date and as many as 1.5 million URLs.

The attack initially hit around 50,000 domains when it emerged earlier this week, by using an automated JavaScript injection that targets vulnerable websites. Compromised sites then redirect visitors to malware and scareware-infected domains.

The first malware-filled domain to surface was, after which the attack was subsequently named. It was responsible for infecting thousands of victims, but is currently offline. Researchers have identified others that are being used in its place.

For more on this ZDNet UK-selected story, see Lizamoon attack soars, but Oz suffers little on ZDNet Australia.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All