Thursday, 12 June 2008

bigadnet.com - latest SQL injection domain

The latest wave of SQL injection attacks continues with bigadnet.com: many sites infected with "older" attacks have been "upgraded" to bigadnet.net. The inserted code to look for is www.bigadnet.com/b.js, which then forwards to bigadnet.com/cgi-bin/index.cgi?ad. This in turn seems to be able to deliver a variety of malware.

bigadnet.com is running on a fast flux botnet, so it's highly distributed and resilient but not very reliable at actually delivering a payload.
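One way to hunt for the inserted script reference in page source or exported database text, as an added example that is not code from this blog. The function names, the watchlist and the sample records are assumptions constructed for illustration; it matches on the script tag's host rather than a plain substring, so unquoted attributes, upper-case tags and the www. prefix are all caught.

```python
import re
from urllib.parse import urlsplit

# Domain named in the post; subdomains such as www. match too.
WATCHLIST = {"bigadnet.com"}

# <script ... src=VALUE>, VALUE quoted or unquoted, any letter case.
SCRIPT_SRC = re.compile(
    r"""<script\b[^>]*?\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""",
    re.IGNORECASE,
)

def script_host(src):
    """Lower-cased host of a script src, or '' for relative/malformed URLs."""
    try:
        return (urlsplit(src.strip()).hostname or "").rstrip(".")
    except ValueError:  # e.g. unbalanced IPv6 bracket
        return ""

def is_listed(host):
    return any(host == d or host.endswith("." + d) for d in WATCHLIST)

def find_injected(records):
    """records: iterable of (location, text); returns [(location, src), ...]."""
    hits = []
    for location, text in records:
        for m in SCRIPT_SRC.finditer(text):
            src = next(g for g in m.groups() if g is not None)
            if is_listed(script_host(src)):
                hits.append((location, src))
    return hits

# Constructed sample input: page source and exported database column values.
SAMPLE = [
    ("products.row17.description",
     "Blue widget<script src=http://www.bigadnet.com/b.js></script>"),
    ("news.row3.body",
     '<p>Hi</p><SCRIPT SRC="HTTP://BIGADNET.COM/b.js"></SCRIPT>'),
    ("index.html", '<script src="/js/site.js"></script>'),
    # Domain appears only in the path, so the host check ignores it.
    ("about.html", '<script src="http://static.example/bigadnet.com/b.js"></script>'),
]

if __name__ == "__main__":
    for location, src in find_injected(SAMPLE):
        print(f"{location}: {src}")
```

A hit inside a database column means the stored data itself was modified, so removing the tag without fixing the injectable query leaves the site open to the next wave.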


3 Comments:

Blogger Joe said...

So how do you protect against this? My SQL server is not accessible via the web so how are they hitting it?

13 June 2008 15:15

 
Blogger Rachit Agarwal said...

Hey Joe,

Did you get a solution to this?

23 June 2008 07:30

 
Blogger Rodney said...

Do you know of any cure to infected sites?

23 June 2008 14:27

 
