Celebrity cook Nigella Lawson has had her
website hacked by the
increasingly dangerous
SQL injection attacks.
An attacker has used a Structured Query Language (SQL) attack to
add code to her website. This code then links Nigella website users
to malware hosted on another website.
The attack has been created using the Asprox toolkit, widely
distributed by hackers.
Researchers from security software firm
ScanSafe first detected the
attack on 14 July. Anyone who has visited the Nigella site could
potentially have an infected computer, said ScanSafe.
With the malicious code, users would be silently directed from
the website to a backdoor which could potentially download Trojans,
password stealers and various other types of spam.
ScanSafe CEO Eldar Tuvey said, "SQL injection attacks have
become the most common form of website compromise, outpacing all
other types of compromise by 212%. High-profile websites such as
Nigella Lawson's must realise that they are becoming an appealing
target for these cyber criminals."
ScanSafe has notified the Nigella website and is liaising with
it to resolve the issue.
Rival security firm Finjan has reported that it has
detected 1,000 other sites infected by the Asprox toolkit.
Playstation hit by SQL injection attack >>