A new web attack is underway, and it has affected anywhere from 7,000 to over 100,000 websites. Among them are such prominent sites as the Wall Street Journal and the Jerusalem Post. The hackers behind the attack used SQL injection to redirect users who visited certain pages on the sites to a malicious domain that attempts to download a rootkit to their computers. If the download succeeds, the hackers are able to take over the affected system completely.
While security experts noted that all the compromised sites are using Microsoft Internet Information Services Web-server software running Active Server Pages, Microsoft was quick to deny any responsibility for the attacks.
“The SQL injection attacks that allow the systems to be compromised are occurring due to vulnerabilities in third-party web applications and do not demonstrate vulnerabilities in Microsoft software,” said Microsoft spokesman Jerry Bryant via e-mail. “We do offer guidance for developers on how to code applications so they are protected against SQL injection,” he added.
The Wall Street Journal has since repaired the compromised pages on its site.