Super Malware Asprox Takes UK By Storm, Targets Government Websites

The last few weeks have seen a resurgence in the number of attacks based on the Asprox malware and coming from East European countries, something that was highlighted by GSS back in May 2008.

Asprox uses an SQL-inhection attack tool to attack legitimate Websites and has managed to hit hundreds of Government and consumer websites including some oeprated by the NHS and the Hackney local council, one of 12 local councils hit.

More than two million computers have been contaminated worldwide according to security experts, essentially building up a formidable army of virtual zombie PCs.

The Times reported that the botnet is being used to capture people's personal details and the resurgence of Asprox has only come to light after people found out that their bank accounts were being emptied.

In a nutshell, Asprox will download malware on the victim's computer and will upload any personal details to the criminals operating the network.

According to Finjan, the toolkit searches Google for webpages ending with .ASP (there are currently nearly 2.4 billion of them) and then launches an SQL injection attack "to append a reference to the malware file using the SCRIPT tag".

Getting rid of the malware on your computer is as simple as installing an up-to-date antivirus software.

It is interesting to see that Asprox has been around for years and as The Guardian's inhouse tech guy Jack Schofield puts it, relies on badly coded websites.