Hacker, Researcher and Author.

Nikjju Injection Compromises More Than 180,000 Pages !


Effect - Hackers have compromised above 180,000 pages by this new SQL injection vulnerability against ASP sites and the number is growing very fast.
The effect is also seen on blogger users as their ‘’Traffic sources’’ area shows traffic from the infected links.


Script Used- The script used in the process :

What it does - The script redirects the users to a Fake AVs  like best-antivirus…something. Or http://www4.savegco-antivir.com ….







Protection - You can check if your site has been infected or not ,go here http://sitecheck.sucuri.net/scanner/
And scan your website.

Information on Nikkju- It has been found that domain named nikjju.com was registered on 1st April and attack most probably began after 4thapril.

Some government sites affected by it :

jnd.xmchengdu.gov.cn
study.dyny.gov.cn
www.cnll.gov.cn
www.bj.hzjcy.gov.cn
www.mirpurkhas.gov.pk
www.tdnyw.gov.cn
gcjs.kaifeng.gov.cn

Till now no way has been found to prevent this Mass attack though google and other authorities are working on it.
The amount of pages it is effecting is increasing at a very rapid rate.

Precaution - Do not open untrusted links and the links starting from ''antivir...something or www.savegro-antivir.com...".

Author:


Shikhil Sharma is the newest RHA member. If you would like to contribute to RHA, Kindly email rafayhackingarticles@gmaill.com.

2 comments:

  1. @ Rafay bro this Article Filtered by Google Spam team ! i think better to avoid spamming words Because i found this Newsletter on My Spam !!

    Regards
    M.Gazzaly
    http://www.gazzaly.info

    ReplyDelete
  2. It probably was due to the script that was inserted in to this page.

    ReplyDelete

© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form

Name

Email *

Message *

Powered by Blogger.