Nikjju Injection Compromises More Than 180,000 Pages !
Effect - Hackers have compromised above 180,000 pages by this new SQL injection vulnerability against ASP sites and the number is growing very fast.
The effect is also seen on blogger users as their ‘’Traffic sources’’ area shows traffic from the infected links.
Script Used- The script used in the process :
What it does - The script redirects the users to a Fake AVs like best-antivirus…something. Or http://www4.savegco-antivir.com ….
Protection - You can check if your site has been infected or not ,go here http://sitecheck.sucuri.net/scanner/
And scan your website.
Information on Nikkju- It has been found that domain named nikjju.com was registered on 1st April and attack most probably began after 4thapril.
Some government sites affected by it :
jnd.xmchengdu.gov.cn
study.dyny.gov.cn
www.cnll.gov.cn
www.bj.hzjcy.gov.cn
www.mirpurkhas.gov.pk
www.tdnyw.gov.cn
gcjs.kaifeng.gov.cn
Till now no way has been found to prevent this Mass attack though google and other authorities are working on it.
The amount of pages it is effecting is increasing at a very rapid rate.
Precaution - Do not open untrusted links and the links starting from ''antivir...something or www.savegro-antivir.com...".
Author:
Shikhil Sharma is the newest RHA member. If you would like to contribute to RHA, Kindly email rafayhackingarticles@gmaill.com.
Author:
Shikhil Sharma is the newest RHA member. If you would like to contribute to RHA, Kindly email rafayhackingarticles@gmaill.com.
@ Rafay bro this Article Filtered by Google Spam team ! i think better to avoid spamming words Because i found this Newsletter on My Spam !!
ReplyDeleteRegards
M.Gazzaly
http://www.gazzaly.info
It probably was due to the script that was inserted in to this page.
ReplyDelete