Little Bobby Tables

Botnet sics zombie soldiers on gimpy websites | The Register

Asprox zombies have recently been blessed with a tool that sniffs out potentially vulnerable sites running Microsoft’s Active Server Pages and then tries to commandeer them using SQL injections. When infections are successful, the pages then redirect visitors to websites that silently install a malware cocktail that includes the Asprox malware. The vicious cycle gives the scheme worm-like capabilities.

“Because the tool is distributed by the botnet, it may appear to be worm-like in its operation, which may lead to conflicting reports in the media and blogs about the true nature of the attack,” Joe Stewart, the SecureWorks researcher who discovered the attack, wrote in a report. “However, the SQL attack tool does not spread on its own, it relies on the Asprox botnet in order to propagate to new hosts.”

SQL injection attacks have emerged as the flavor of the month for criminals looking for ways to spread their malware. The seemingly endless supply of servers that haven’t been properly locked down by administrators makes them easy to carry out. Once infected, legitimate websites, some of them operated by the Department of Homeland Security and other high-profile organizations, become a means for transmitting malware to thousands of end users’ PCs.

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: