One Million Web Pages Attacked By Lilupophilupop

[Daniel]

The Internet Storm Center reported that one million web pages have been attacked by the Lilupophilupop SQL injection and contain a malicious Javascript link. Affected sites can be found using a Google search query. See also the technical details of the SQL injection. The attack is directed to sites running ASP or ColdFusion with an MSSQL backend. The payload of the Javascript leads, via redirects and obfuscated Javascript, to a fake download page for Adobe Flash and antivirus software.

http://isc.sans.org/diary/Lilupophilupop+tops+1million+infected+pages/12304
https://www.google.com/search?q="script+src="http://lilupophilupop.com/sl.php"
http://isc.sans.edu/diary.html?storyid=12127

 

[ThumperTM]

Thanks for share dude

 

[foxman]

I assume those webpages were crap!

 

[awaiz007]

Thanks for letting us know

 

[Daniel]

The malware site is hosted by Specialist Ltd in Transnistria, who are a totally black hat operation. They can get away with it because almost nobody recognises the existence of Transnistria, so it is effectively outside the reach of international law enforcement.

 

[damnyou]

damn hackers, they are gonna be considered as a biggest criminal in the future and I feel govt will introduce the death penalty for them. Oh well..

 

[foxman]

http://en.wikipedia.org/wiki/Transnistria

 

[CocktailBud]

thanks for info