SQL Attacks – Half a Million Sites Already Owned

February 25, 2009
No Comment

A new research report delving further into the current epidemic of online SQL injection attacks maintains that over a half million sites were victimized by the threats during 2008 alone.

According to the Web Hacking Incidents Database (WHID) 2008 Annual Report issued by security appliance maker Breach Security on Tuesday, SQL threats that dropped malware onto affected sites far outnumbered any other type of attack rearing its head on the Internet last year.

The majority of the SQL injection campaigns delivered botnet programs onto machines infected by the sites they compromised, allowing the parties behind the attacks to use the devices to a number of different ends, from distributing spam to launching additional malware threats, the company said. [eWeek]