LizaMoon Pay-Up Scareware Spreads To 500000 Sites - Security Alert
Websense Security labs which detected a fast-spreading SQL injection attack has stated that the attack has so far compromised millions of websites and has been breaking anti-virus barriers.
Websense Security Labs in its blog last week identified the the new malicious mass-injection campaign which it named LizaMoon.
According to it the LizaMoon mass-injection is an SQL injection attack that draws users to a bogus site where they are likely subjected to a scareware attack. The SQL injection attack sets off with the insertion of a line into the code of the page.
The simple solution: Don't install unknown files! The more complex solution: Know what antivirus programs already exist on your system, and know what they look like when they scan for and find files. If something says you have malware on your system, and this something looks nothing like applications you already have on your system, be suspicious!
In this case, a successful Lizamoon redirect takes you to a dummy pages that looks as if a large antivirus/anti-malware scan is taking place on your computer. Go figure, the scan finishes quite quickly, and a user is alerted that his or her machine might be compromised by various Trojan horse attacks and other cleverly titled malware. If a user is still playing ball, he or she can click on the simulated option to "remove" these malware apps, which then pulls up a simple download window for a "malware-removing" executable.
Still with us? Here's the deal: If you push some common sense into the mix, you'll notice that this entire process seems a bit fishy to begin with. Step one: A virus scan for Windows Explorer appears in your browser window. Step two: It finishes in lightning speed. Step three: You have to download a file–apparently via Windows Explorer, but using your browser's standard download file prompt–to finish the deal.
In short, Lizamoon can't do a thing to your system unless you let it.
Please watch this video to know more:-)
Comments