In the beginning of December, it was discovered that a SQL attack was making its rounds across the internet. It was redirecting visitors from their site to a malicious one, titled – “Lilupophilupop”. The attack was named after the URL with the same name.
It is being reported that over a million websites were infected and this has alarmed many security experts. The malicious link has been seen in both ASP and ColdFusion sites with a MSSQL backend.
The injected script is rather simple, as it adds a script tag to a site which direct browsers to JavaScript loaded on the malicious site. The infection has been appearing in a wide variety of countries, in North America, Europe, and Asia.
According to a security expert, Mark Hofman, this injection might be the work of many people or someone who was prepping it over a long period of time, “The manual component and the number of sites infected suggests a reasonable size work force or a long preparation period”
If you want to check and make sure your site hasn’t been infected, just do this search in your source code: “