Panda Security Advises Webmasters to Check Their Web Pages, Due to a Massive Hacker Attack

- A vulnerability in Internet Information Servers allows cyber crooks to inject SQL code to manipulate legitimate Web pages. As a result, visitors are redirected to a malicious website designed to install malware on computers
- According to PandaLabs, at least 282,000 Web pages of all types have been affected, and this number is increasing
- The attack is easily detected, as a very specific code string is inserted in the compromised page’s source code

PandaLabs has reported a vulnerability in Internet Information Server which is allowing a massive hacker attack. This attack currently affects 282,000 Web pages, and this number could increase drastically.

This security problem allows hackers to inject SQL code in all the pages hosted on a Web server. This code is designed to redirect all who visit compromised pages to a malicious website which analyzes systems for vulnerabilities that could be used to download all types of threats.

The situation is exacerbated by the fact that most of the web pages affected show no suspicious signs whatsoever and many of them have numerous visitors.

How to detect if a web page has been manipulated

Panda Security advises all webmasters with pages hosted on an Internet Information Server to check as soon as possible if their web pages have been affected. The procedure is simple, as it involves searching for a specific code string in the source code of the web page, associated to an IFRAME tag. This string is (find image attached):

If detected, it should be immediately eliminated and those responsible for administering the server hosting the Web pages should be warned to enable them to implement the corresponding security measures.

Given the large number of Web pages affected, many users could have been infected by all types of malicious code, including new strains as yet unrecognized by security companies. To check if systems are infected, Panda Security advises users to go to http://www.infectedornot.com, and scan their computers, free of charge, with the ActiveScan 2.0 online scanner, a security solution that operates on the basis of ‘collective intelligence’ and can detect many more threats than any other security solution.

More information is available in the PandaLabs blog: http://www.pandalabs.com.

About PandaLabs

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.

Currently, 94% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog: http://www.pandalabs.com.
Website: http://www.pandalabs.com/
Website: http://www.infectedornot.com/