Sony is the next victim in the explosion of automated SQL Injection (SQLi) attacks online. Sophos is reporting that US-based Sony PlayStation website has been hit in the recent string of coldwop-dot-com attacks. The attacks, automated and wide spreading thanks to the ASProx botnet, have targeted about 40,000 websites.
Sony the latest name on the automated SQLi attack list. (IMG:J.Anderson/Playstation.com)
Now the number of sites infected, is likely far less than 40,000 but because the tool is automated, the target number is accurate. The ASProx botnet is the likely culprit. The US-based Playstation.com is just one more name to the list. Sophos said that the tool placed malicious code on pages promoting the PlayStation games SingStar Pop and God of War. Dancho Danchev reported on ZDNet that there were about 209 pages with the code placed in the page. A Google search by The Tech Herald turned out links to 189 pages, so Sony is cleaning up the mess.
At the time of the warning by Sophos, the code (b.js) displays a fake anti-virus scan and offers up a fake, often obviously fake depending on the current theme of the system, message that their computer is infected with a variety of different viruses and Trojan horses. The “Ransomware” as it is called in the press, really it is Malware plain and simple, will offer to clean up these infections if you pay.
"There are millions of video game lovers around the world, many of whom will visit Sony's PlayStation website regularly to find out more about the latest console games. Most would never expect that surfing to a website like this could potentially infect them with malware. If users do not have sufficient protection in place then they might find that before they know it they have been scared into handing their credit card details over to a bunch of cybercriminals," said Graham Cluley, senior technology consultant for Sophos. "It is essential that all websites, especially when they are high profile like this or receiving a large level of traffic, have been properly hardened to prevent hackers from injecting malicious code on to what should be legitimate web pages."
Sophos has a point that the websites need to scan and clean their code. They are not the only ones who think this. Microsoft recently released three tools and offered several tips about how to deal with SQLi attacks. You can read more here.
View blog reactions
There are currently no comments for this article. Be the first to comment! (no registration required)
Advertising
There are currently no comments for this article. Be the first to comment! (no registration required)