Technology firms including Google, Apple, eBay and Yahoo were among almost 300 companies whose websites were hit...
by a hack attack in Pakistan.
Visitors to the targeted sites were redirected to a web page with a picture of two penguins walking across a bridge with the slogan "Pakistan Downed".
Although the attacks targeted websites, and not the networks of the companies involved, services such as Google's Gmail were temporarily unavailable in Pakistan.
The motive for the attack has not been confirmed, but some reports have speculated that it was aimed at highlighting weaknesses in the organisation that administers .pk web domains, known as PKNIC.
Read more from the Computer Weekly Security Think Tank about SQL injection
- Several factors feed SQLi attacks
- Best practice to target SQLi
- No quick fix to SQLi attacks
- SQLi is basically a process problem
- SQLi attacks fly under security testing radar
- Quick time to market to blame for many SQLi attacks
- Development and testing key to reducing SQLi attacks
- SQL injection attacks rise sharply in second quarter of 2012
Technology blog ProPakistani said it had received an email from the hackers explaining how they carried out the attack.
The hackers claimed that PKNIC’s servers were vulnerable to Boolean-based blind SQL injection, time-based blind SQL injection, cross-site scripting (XSS) and “sensitive directory disclosure”.