Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

SQL injection attack strikes BusinessWeek website

Sophos : 16 September, 2008  (Technical Article)
Hackers infect news magazine web site in order to use it as a delivery mechanism to infect readers' computers with malicious code
Experts at IT security and control firm Sophos have discovered that the website of BusinessWeek, the world famous weekly magazine, has been attacked by hackers in an attempt to infect its readership with malware.

Hundreds of webpages in a section of BusinessWeek's website which offers information about where MBA students might find future employers have been affected. According to Sophos, hackers used an SQL injection attack - where a vulnerability is exploited in order to insert malicious code into the site's underlying database - to pepper pages with code that tries to download malware from a Russian web server.

'It's worrying when any site suffers from a malicious SQL injection attack, but when it's also one of the 1000 busiest websites on the internet the stakes are even higher,' said Graham Cluley, senior technology consultant at Sophos. 'The potentially large number of people visiting the site and accessing information to assist their careers may be putting their finances or personal data in jeopardy if they are not properly protected.'

Earlier this year Sophos reported that it identifies more than 16,000 new infected webpages every single day, 90 percent of which are on legitimate sites like BusinessWeek that have been hacked. Sophos discovers a new malicious webpage every five seconds - three times faster than the rate seen during 2007.

At the time of writing, the code injected into BusinessWeek's website points to a Russian website that is currently down and not delivering further malicious code. However, it could be revived at any time, infecting hundreds of MBA students looking for high-earning jobs. Sophos informed BusinessWeek of the infection last week, although at the time of writing the hackers' scripts are still present and active on their site.

'BusinessWeek, and the many other firms hit by SQL injection attacks, need to move fast to not only remove the malicious scripts, but also to ensure that they do not get infected again. Companies whose websites have been struck by such an attack often clean-up their database, only to be infected again a few hours later,' continued Cluley. 'Everyone who browses the web needs to ensure that the pages they visit are being scanned for dangerous code, as more and more sites are being discovered each day hosting malware.'

Cluley has published a video demonstrating the problem on BusinessWeek's website, and providing tips on how companies can better defend themselves from similar attacks.

Sophos recommends that all businesses ensure their websites are fully defending against attacks and all vulnerabilities are patched.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo