On Friday we reported on the phenomenon known as LizaMoon, a large-scale SQL Injection attack.
The attack has certainly hit a number of websites, injecting code which links across to a scareware site, which in turn flags false viruses and tries to get the user to install Windows Stability Centre, a rogue AV utility.
Before the weekend, security firm Websense indicated that sifting through Google revealed some 1.5 million infected URLs, although the company did admit that number was over-inflated. It didn’t claim an exact number of infected sites, but did say the figure was likely in the hundreds of thousands.
But not according to an article on PC Pro, which cites Google’s Principal Engineer, Niels Provos. He actually estimated the number of sites with a functioning redirection, leaving out those which carried the code but not in a functional form.
And his conclusion was that LizaMoon actually peaked in October of last year, with close to 6,000 infected sites. It slumped away after that, but is now undergoing a significant revival, and is back up to that sort of peak level.
However, hundreds of thousands it most certainly isn’t. Provos argues it’s relatively small fry compared to the Gumblar attack launched a couple of years back, which hit a peak of around 62,000 sites, ten times the magnitude of LizaMoon by his figures.
We’d still be careful where you’re treading around the web this week, mind.




