Silent Love China attack hits 9,000 Western websites

A new round of SQL injection attacks that are believed to have been launched from China have compromised more than 9,000 Western websites.

Silent Love China attack hits 9,000 Western websites

Click here to read the NEW PC Pro blog

The large-scale attacks only began on Saturday, but by Monday morning more than 7,000 websites had been affected, according to security firm ScanSafe.

A Google search conducted at the time of publication reveals that more than 9,000 sites have now been hit.

The attacks inject an iframe which loads malicious content from qiqigm.com, a domain that was only registered last Friday, a day before the attacks were first recorded.

RealPlayer and Internet Explorer vulnerabilities are targeted by the attacks which, if successful, lead to the installation of a password-stealing Trojan. The phrase “Silent love China” is also buried in the exploit code.

ScanSafe’s senior security researcher, Mary Landesman, says the attacks are targeted at English-language websites, with Chinese government websites specifically excluded.

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.