Skip to main content

Lizamoon SQL Injection Attack Infects More Than One Million Webpages

In a huge mass-injection attack, cyber criminals have infected hundreds of thousands of websites with malicious code.

The attack, which was first discovered by security company Websense, has affected more than 1.5 million web pages. When the company first discovered the attack, on March 29th, somewhere around 28,000 web pages were infected.

According to the company, the attack, which is being dubbed as the Lizamoon attack, is a form of SQL injection attack, which is used to inject malicious code into the database of websites based on PHP and ASP. The attack was named after the first website to be infected by it.

Users visiting the infected web pages are being bombarded by fake virus warnings, claiming that their computers are infected by tons of malware.

The company said in a blog post that the Lizamoon attack had also infected some iTunes podcasts web pages.

“The way iTunes works is that it downloads RSS/XML feeds from the publisher to update the podcast and list of available episodes. We believe that these RSS/XML feeds have been compromised with the injected code. The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer. So good job, Apple,” the company explained.