Hacker attack leaves 70.000 websites compromised
A recent hacker attack that has left more than 70.000 websites compromised in early January 2008, was recently detected by leading internet security experts. According to security analysts, the huge scale of the incident was probably triggered by a mass SQL injection that hijacked visitors’ computers with a variety of exploits that have been targeted primarily towards websites within .gov and .edu domains.
The actual reasons of a security breach on such a massive scale are still unknown, but it is estimated that all the affected systems shared some sort of a common vulnerability. One security flaw that was explicitly discovered by security experts was the 15-month-old vulnerability in Microsoft Data Access Components (MDAC). It was patched back in April 2006, which made the recovery process a lot faster than it would have been in a case of an unknown exploit.
Recently commented malware