Joomla sites hit in latest SQL injection attack



Ian Grant

Websites that use Joomla, an open source content management system, are vulnerable to the latest round of SQL injection attacks, says a security researcher.

Christoph Alme, a malware specialist at security firm Secure Computing, said, "There are more than five million Joomla pages out there."

In the latest attack, discovered over the weekend by Secure Computing, the criminals used search engines to speed up their search for vulnerable web pages into which they could inject SQL statements that steal passwords to bank, game and other accounts.

The criminals searched for pages that contained vulnerable order forms and sign-on details. Once they discovered an unprotected page, they used it to place SQL code on the underlying database that recorded personal details of visitors to the site. More than 14,000 web pages were infected in the weekend attack.

"There has been a big rise in SQL injection attacks this year," Alme said. He said the current attack, which infected at least 20 popular UK sites, was dangerous because it was aimed at sites that people were likely to visit regularly.

"Government sites are as vulnerable as commercial sites," he said. "The visitor may have visited the site last week without problems. This week he trusts the site, but is hit by a drive-by attack."

He said the criminals also hid malware in downloads of popular software such as QuickTime and RealPlayer.
