SQL Injection Attack Alert

I've already mentioned this on the AVIEN blog, as it was an AVIEN member who first drew it to my attention, but a fairly dramatic SQL Injection attack has been flagged by the Internet Storm Center: it appears to resemble the lizamoon attack which was reported as affecting around a million sites earlier in the year.

Blocking the lilupophilupop.com site referenced in the injection string should prevent infection for the present, according to Mark Hofman, but there's much more information on the ISC diary entry – even the comments include some useful extra information.

ESET Senior Research Fellow

Author David Harley, ESET

Follow us

Copyright © 2015 ESET, All Rights Reserved.