News

Finjan finds 1,000 compromised government and commercial websites

Antony Savvas

Finjan has found 1,000 compromised websites owned by government departments and leading brands.

The sites were compromised by a new round of mass attacks that began this month, said Finjan.

The attackers are using a toolkit called "Asprox", which has been around for some time.

It searches Google for web pages using the file extension [.asp] and, once found, it launches SQL injection attacks.

"Since the list of these malware serving domains increases every day, we believe this is just the tip of the iceberg for the scope and impact of this attack," said Yuval Ben-Itzhak, CTO at Finjan.

Sites that are compromised include:

  • atdmt.com, which Microsoft plans to acquire as part of Microsoft's Advertiser and Publisher Solutions Group
  • Official website of the City of Marysville, registered by Marysville Police Department
  • Official website of the cultural data bank of the Department of Culture and Tourism of the State of Bahia, Brazil.
  • Official website of the government of the City and County of San Francisco
  • Official website of the Queensland (Australia) Government
  • Cocacolabrazil.com
  • Snapple.com, one of the largest soft drink makers in the US
  • Official website of the University of California
  • The Baltimore Times
  • BMW official site in Mexico

More details of the compromised sites can be found here

Playstation hit by SQL injection attack >>

US cert warns of widespread SQL injection attacks >>





Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy