Hi, I'm still on SQL Injection attacks.
This article puts a new spin on the problem:
http://www.networkworld.com/news/2009/082709-sql-attacks-linked.html?hpg1=bn
Three waves of SQL attacks have created botnets of 80K in China, 67K in US and 40K in India (must be all those good Indian computer people that are keeping their country safer).
The attacks have expanded their scope by adding frames to legitimate websites that redirect the user to a "mal-domain", coined by senior security researcher at ScanSafe, Mary Landesman.
Seven domains have been identified as the orignation point of the attacks. All seven domains are owned by the same gibberish named account. This happened because registars allow domain name registration by automated process.
Landesman says "We have a system that allows people to provide completely bogus details about who they are".
So the author of the SQL Injection attacks is not only technically savvy, but uses the flaws in the registars' system to proliferate new websites to launch attacks against China, US and India. Let's see, who does that leave? Maybe its coming from the Russians.
Its not just the openness of the automated domain name registration system, but the lack of any effective oversight. These criminals are opening malware websites right in the open, with no checks.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment