ASP.NET sites under attack{Comments Off on ASP.NET sites under attack}

Hackers are in the midst of a massively successful SQL injection attack. All of the attacks are built on Microsoft’s ASP.Net platform. 180,000 web pages have been affected. The hackers plant malicious JavaScript scrips onto web pages that causes the browser to load an iframe with remote sites. From there, the iframe plants malware on the visitor’s PC. Microsoft has been equipping programmers with information on how to protect against SQL injections attacks.

Last quarter, in CIS 305, there were a lot of blogs about SQL injections. They were blogged about every single week of class. However, it never occurred to me that the SQL injections that affected databases were attacked through what we are learning now. It is all coming together.

Network World. October 24,2011.