The Asprox botnet, which earlier ran amok by phishing users has got a new weapon; SQL injection.
Specialises in sending out phishing spam, now it uses an SQL-injection attack tool to hack websites and add yet more hijacked PCs to its army.
According to David Hobson, managing director of Global Secure Systems:
Asprox is more than just another piece of botnet malware as it’s what we call a ‘hybrid’. It uses an SQL-injection attack tool that attacks legitimate websites to add to the overall botnet swarm.
It is a kind of malware that combines the two malicious activities, botnet and SQL injection.
Statistics from SecureWorks, provider of managed security services, shows that Asprox has already infected more than 2,000 websites.
It is used to grab victims while they’re surfing the web, building up the Asprox bot family. The same people behind Asprox are responsible for Danmec, a password-stealing trojan.
The attacks occur on websites that are running Microsoft SQL-SVR (Server) that already have some sort of vulnerability, he added.
The rapid evolution of multi-vector malware like Asprox means that companies should now look seriously at multi-vendor and/or multi-layered IT security protection, according to Global Secure Systems.
Companies need to review their security policies thoroughly to make sure they are not affected by this new kind of malware which is difficult to contain.
0 responses so far
There are no comments yet...Kick things off by filling out the form below.
You must log in to post a comment.