In early June, thousands of websites were compromised by a SQL injection attack that allowed hackers to place HTML and Javascript code into the sites' content management systems. An injected iframe resulted in the web pages redirecting visitors to Robint.us where a maliciously crafted page would attempt to infect them with the Mal/Behav-290 malware.rnAll the compromised sites were hosted using Microsoft IIS and ASP. NET, although it's thought that the SQL injection attack was carried out against specific web applications. Hacked sites included Intljobs. org, The Wall Street Journal (wsj. com), The Jerusalem Post and the Strathclyde police force's website in the UK. At one time, as many as 100,000 pages may have been affected.
展开▼