
UPDATED Mass SQL-injection attack compromises 380,000 URLs

A mammoth SQL-injection attack has hit, affecting 380,000 URLs thus far, Websense has claimed.


Hundreds of thousands of URLs have been affected by a massive SQL-injection attack, according to security specialist Websense.

The number of affected domains has jumped to 380,000 - and counting - from a more lowly figure of 28,000 when the attack was first spotted earlier in the week.

Affected sites are easy to spot by searching for the line of JavaScript that the attack inserts into a page, which links to a site called Liza Moon.

Websense said in a blog post that the attack was redirecting users to a fake antivirus site earlier in the week.

Several iTunes URLs have been compromised with the injected code, according to Websense, though as Apple's system doesn't execute the code, users are presumed safe.

Indeed, the "bad guys" haven't yet done much with the attack, Websense noted.

"We have been monitoring the attack since it came out and noticed that the number of the compromised URLs is still increasing... Different payload sites have started to be involved in addition to the original Lizamoon.com," said Carl Leonard, threat research manager at Websense Security Labs.

"The payload sites remain inactive at present although they could be switched on at any time," he added. "We can only speculate as to what the bad guys are waiting for."

UPDATE: Websense has now reported that more than 500,000 URLs have a script link to Liza Moon.

"The LizaMoon mass-injection campaign is still ongoing and more than 500,000 URLs have a script link to lizamoon.com according to Google Search results," a blog from the firm read.

"We have also been able to identify several other URLs that are injected in the exact same way, so the attack is even bigger than we originally thought."

Additional reporting by Tom Brewster
