Websense: Massive cyber attack hits 1.5 million sites
This really had better not be an April Fool's prank or I'm not going to be happy
It's the stupidest day of the year, so we should all be on guard.
That being said, this item in the BBC about a cyber assault called the "Lizamoon attack" appears legitimate. It had better be, or I will attack Websense and the BBC every day, with great vigor, for the rest of my life. Here's what the BBC reports:
Security firm Websense has been tracking the attack since it started on 29 March. The initial count of compromised sites was 28,000 sites but this has grown to encompass many times this number as the attack has rolled on. Websense dubbed it the Lizamoon attack because that was the name of the first domain to which victims were re-directed. The fake software is called the Windows Stability Center. The re-directions were carried out by what is known as an SQL injection attack. This succeeded because many servers keeping websites running do not filter the text being sent to them.
As of Thursday afternoon, Websense said in a blog post, "We have also been able to identify several other URLs that are injected in the exact same way, so the attack is even bigger than we originally thought. All in all, a Google Search reveals over 1,500,000 URLs that have a link with the same URL structure as the initial attack." If you want all the details, plus pretty graphics and charts, Websense has it all here. There's also a video below explaining Lizamoon.
The bottom line for users, though, is that if they visit one of the sites injected with the code, they get redirected to a bogus site called "Windows Stability Center," where they get a scary warning about huge problems on their PC. Fortunately, all that goes away if the mark user pays for a full version of Windows Stability Center! Right. So you've been warned. As have Websense and the BBC.