View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Huge cyber attack infects over 1.5 million Web pages

Lizamoon SQL-injection attack tricks users to download anti-virus software

By CBR Staff Writer

More than 1.5 million Web pages have suffered a huge SQL -injection attack, dubbed as the Lizamoon attack.

The attack got its name after the first website to be infected by it.

Security company Websense, which has been tracking the attack, said that it first discovered the attack on 29 March when around 28,000 Web pages were infected by the attack.

The company said the attack is a kind of SQL injection attack, where cyber criminals inject malicious code into the database of PHP- and ASP-based websites.

The aim of the attack is to dupe users by frightening them. The infected Web pages display false virus warnings to users, tricking them to buy anti-virus software. But once the user downloads the software, the virus exposes their computers to hackers.

Websense has said that the attack had also infected some iTunes podcasts Web pages.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.