Internet attackers looking for ways to compromise a growing number of computers have brought back SQL Injection.  Researchers are noticing a growing number of websites that have been compromised by a mass SQL Injection that take advantage of weak website apps and then use those sites as a launch pad to infect their website visitors with malware.  The concern is that there are a number of sites on the web that are vulnerable to an attack of this nature.  The attackers can access easily and quickly find new targets to attack.

The Asprox Trojan is an example of this SQL Injection.  Researchers have observed it being distributed by a spam botnet.  This trojan is related to a password-stealing trojan known as Danmec. The infected PC will download a binary that searches Google for websites that contain specific search terms and launch a SQL Injection attack on those sites.

Read more here: http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1314697,00.html

Protect your companies computers with Digital Reach Managed Services.