Email This Post Email This Post

Lilupophilupop Exceeds 1million infected pages

The Internet Storm Center published a story on the recent Lilupophilupop malware infections. They had originally written about it back in November. 1 month later, the infections had increased:

  • UK – 56,300
  • NL – 123,000
  • DE – 49,700
  • FR – 68,100
  • DK – 31,000
  • CN – 505
  • CA – 16,600
  • COM – 30,500
  • RU – 32,000
  • JP – 23,200
  • ORG – 2,690

In order to see if your site has been effected, search for “<script src=”hxxp://lilupophilupop.com/” in google and use the site: parameter to hone in on your domain.

For example, in Google type

site:yoursite.com “<script src=hxxp://lilupophilupop.com/

( note: we changed to hXXp so you don’t actually go there. )

This is a nasty SQL Injection attack, so be careful when doing your investigation.

 

Original story is here. http://isc.sans.edu/diary/Lilupophilupop+tops+1million+infected+pages/12304

 

 

Entry Filed under: Anti-Spam,SQL Injection

Leave a Comment

Required

Required, hidden


× two = 2

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Trackback this post  |  Subscribe to the comments via RSS Feed

Our Author

Shaun Sturby, MCSE Technical Services Manager, and Optrics' point person for email security
Shaun Sturby, MCSE