Massive Web attack

The good folks at Kaspersky Labs warned of a massive ‘successful’ hack to thousands of servers in Europe and the U.S. They believe the attack was either SQL injection or the use of previously compromised accounts. Here’s what they’re saying:

Yesterday we detected the onset of the latest mass hack attack – websites being hacked and links placed on them that lead to malicious servers. We’re estimating that in the last two days along, between 2000 and 10,000 servers, mainly Western European and American ones, have been hacked. It’s not yet clear who’s doing this.We’re still working on determining exactly how the sites were hacked, but there are two scenarios which are the most likely – using SQL injection or using accounts to the sites which had already been stolen. One common factor is that the majority of the hacked sites run on some type of ASP engine.

You can visit the analyst’s diary here.

Be sure to check out their recommendations for the eradication of malicious links. As the analysts stated, “It’s not just your security that’s at stake, but the security of everyone using your site!”