Feb 26 2009

SQL Injection attacks compromised 500,000 sites in 2008

Breach Security has released its annual Web Hacking Incidents Database (WHID) report. The focus is on the massive SQL Injection (SQLi) attacks seen online last year; according to the data, more than 500,000 sites were compromised. The report states that SQLi attacks aimed at planting malware on a compromised site were the number one attack vector in 2008.


The WHID report explains that three SQLi bots were used in 2008: Nihaorr1, Asprox, and Evolution. The report notes that while the initial attack vector was SQLi, overall the attacks more closely resembled Cross-Site Scripting methodology, citing as its reasoning the end goal of injecting malicious JavaScript into the victim’s browser. Moreover, the attacks were not after information on the server; they were after the user base of the website itself, taking advantage of a legitimate resource and exploiting the trust users have in it.

Another interesting aspect of the report centers on the site defacements seen in 2008.

Source: Tech Herald
http://tinyurl.com/dhoc7j