A sql attack called Lilupophilupop in a month’s time, more than a million pages of more than 450.000 websites ge lwa nfecteerd. More than 10 percent of the compromised pages belongs to Dutch websites.
When the Internet Storm Center at the beginning of december last year, the attack for the first time met, were there according to a search on Google less than a hundred infected pages. A few days later it was already in the thousands, and now it appears the counter has already passed the million contaminated sites to be shot.
Since mid-december, the number of infections in a high flight taken. On 12 december last year there were ISC about 160,000 infected pages, which is 14,000 a Dutch page concerned. This number has now increased to 123.000, as appears from a count of the end of december.
The netherlands puts this head and shoulders above other countries. So had ISC in France something over 68,000 infected pages and is the United Kingdom 56.300 infections. The Chinese firewall shows the country, however, as well as to protect against this type of attack; in that country, the counter 505.
According to the researchers, it seems the malware is only partially automated to work. “The manual component and the number of compromised sites, suggesting a large operation or a long preparation time,” said Mark Hofman of ISC.
In the Netherlands the website Vakantieland.nl responsible for a large part of the infections; of the said 123.000 infected pages, it appears that this site is using several subdomains already good for more than 50,000 infected pages. A spokesman of Vakantieland.nl stresses that the infections been removed for some time. “We have two times had to contend with an infection, on 1 and 9 december. Both times we have acted rapidly.”
Update 11.00 am – Article, and the approach adjusted. In the previous version it was reported that the to 123.000 domain names went.