More than 180,000 pages have already been infiltrated by a mass SQL attack, called jjghui. Named according to the website where traffic is redirected to, this attack is targeting small legitimate websites that don’t pay much attention to their security and sometimes have security vulnerabilities inside the system. Attackers use SQL vulnerabilities to inject malicious JavaScript which helps to fool people into buying fake software and gives direct access to all the data which is stored on the infected webpage as well.
As soon as malicious JavaScript code is injected, it allows the attacker to execute its script code from jjghui.com and infect victim’s computer with malware. In the final, attacker becomes capable to execute almost every command or program on the infected computer, steal usernames, passwords, credit card numbers, delete and modify database information and even gets ability to access to the local network. After checking on Whois entry, jjghui.com is said to be owned by mysterious James Northone who also has LizaMoon.com used for the LizaMoon attacks this spring. Security experts recommend employing database activity monitoring practices to prevent such SQL injections and fixing all SQLi vulnerabilities on the site.
More safety tips: net-security.org
Retweet this story