Huge Web hack attack infects 500,000 pages

Sites may have been compromised through a "security issue" in Microsoft's Web server software

Attacks on legitimate Web domains, including some belonging to the United Nations that began earlier this week, have expanded dramatically, security researchers said Friday, with hundreds of thousands of pages hacked by Friday.

One anti-virus vendor said the sites might have been compromised through a "security issue" in Microsoft's Web server software that has been reported to Microsoft's engineers.

Last week, several security companies, including California-based Websense, said large numbers of legitimate sites, including URLs for the U.N., had been hacked and were serving up malware. These latest site compromises were only the most recent SQL injection attacks, however; similar attacks have been launched since the first of the year, and were last detected in large numbers in March.

Earlier in the week, Dan Hubbard, Websense's vice president of security research, estimated the number of hacked sites in the low six figures. By today, that number had soared as firms such as Panda Security pegged the number at 282,000, and F-Secure said its infected-page count was above half a million.

Ryan Sherstobitoff, a corporate evangelist for Panda, said his company had reported a problem with Internet Information Services (ISS) to Microsoft that was probably responsible for the hacks. "We reported a security issue, but I don't have any specific details on whether it's a vulnerability," Sherstobitoff said.

"It's not like this is a brand-new problem," he said, referring to legitimate site compromises. "But Microsoft has already issued a security advisory that said they are investigating public reports of problems with IIS. This seems to be related to that advisory."

That advisory was published April 17, and warned users of a bug in most versions of Windows that could be exploited through custom Web applications running in IIS. It could also be exploited via SQL Server, Microsoft said.

On Friday, Microsoft said it did not know whether the ongoing site attacks were linked to the bug described in the April 17 advisory. "We have not yet determined whether or not these reports are related to Microsoft Security Advisory 951306 released last week," a company spokesman said in an e-mail.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Gregg Keizer

Computerworld
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?