YAMSIA (Yet Another Massive SQL Injection Attack)

July 18, 2008 – 6:48 AM

Clever mnemonics aside, last week we have seen another large scale SQL injection attack (or YAMSIA, if you prefer), this time being orchestrated by a botnet that has become known as Asprox—but first, a history lesson.

The code behind the Asprox botnet seems to have been around for quite some time now, but it was only in the last year that it has upgraded to a botnet where its main focus is to send phishing emails. This has changed in late May / early June of this year when the bots where issued a new set of commands–namely to start searching the Web for certain .ASP pages – and then launching an SQL injection attack against these pages (hmm … I wonder where they got that idea from).


You must be logged in to post a comment.