IT Security Blog

  • Home
  • About IT Security Blog
  • IT Security Basics
  • Real-World Issues
  • Network Security
  • News
  • Malware
  • Tips
  • Spyware

Half a Million IIS Servers Infected with Malware

16 May 2008 By Saran

iis.jpgPanda software, a developer of security systems and anti-virus software has raised the alarm regarding a massive cyber attack on vulnerable IIS Server based web pages. The malware once it gets in re-directs users to malicious sites from totally legitimate web sites. The infection grew from less than half a million infected servers to almost double that which is quite fast for a specific type of malware. Most developers who employ “code scrubbing”, which is removing information as it is saved into an SQL database are easy prey and are the intended target of the massive attack that is still taking place. An I frame is inserted to redirect users to malicious sites that can lead to identity thefts even with the users not knowing about it.
The attack is centered on Microsoft’s IIS web Server in particular ASP pages that have very strong ties to SQL databases. Panda and Fsecure have both identified the hidden code (“) that can be deep in their web pages and advises them to look for the string that re-directs people to other sites. Users and Site Administrators are advised to get all updates from Microsoft to remedy the problem and to halt the spread of this attack once and for all.
All this to bug people who use the web all over the world, in the never ending battle between hackers and those who are up to take them head on.

Filed Under: General, IT Security Basics, Malware, Network Security, News, Real-World Issues, Security Policies, Spyware Tagged With: ASP Web Pages, Malware, Microsoft IIS, SQL Databases

Categories

  • Backups
  • Cryptography
  • E-mail
  • Firefox
  • General
  • Google Chrome
  • IM
  • Instant Messaging
  • IT Security Basics
  • Malware
  • Network Security
  • News
  • Operating Systems
  • Physical Security
  • Privacy & Anonymity
  • Programming
  • Real-World Issues
  • Review
  • Security Policies
  • Spyware
  • Storage
  • Tips
  • Web browsers
  • Wireless Security