LizaMoon is the name of the virus that affected millions of sites in just a few days, with a particularly rapid mass SQL Injection attack. A video explains how LizaMoon operates: here are the images and advice on what to do.
A new threat is lurking on PCs and websites all over the world: LizaMoon is the virus that is infecting millions of domains. According to Google’s estimates, nearly 2 million sites have already been damaged since last Thursday, all affected by this SQL Injection attack that inserts a line of malicious code into the site. In this way, the unsuspecting visitor will be automatically redirected to a malicious site. This becomes simple and possible because the user trusts the site in question, perhaps being a frequent visitor: LizaMoon mainly “feeds” on medium-sized sites, so it is very likely that very popular websites end up in the virus’s network.
The name LizaMoon is not accidental: Websense – which is analyzing and monitoring the situation – has noticed that the “external” code common to all affected sites includes the word LizaMoon.
The virus has even been found on some pages of iTunes: this does not mean that the Apple platform is not secure; on the contrary, it is emphasized that all Apple domains do not allow any code to execute, so the situation is not dangerous in the Apple environment.
Recognizing the appearance of LizaMoon is simple: if you find yourself on a compromised site, a pop-up will open suggesting that you download an antivirus because a system risk has been detected. Accepting will instead result in a “nice” malware infection.
The sites that LizaMoon targets – via malicious redirection – are currently inactive, but this does not mean the phenomenon should be underestimated. On the contrary, given the speed at which LizaMoon has spread, one must keep a close eye, avoiding downloading “suggested” programs even on trusted sites.
Better to contact the webmaster of the site in question, avoiding accepting pop-up suggestions.
Here is a video on how LizaMoon works made by Websense.
Be the first to comment