Trend Micro has created the new word (or at least it’s the first time I’ve seen it) YAMSIA in one of their latest blog posts. The reason for YAMSIA is Yet Another Massive SQL Injection Attack which is causing problems for certain .ASP pages.

The botnet behind this attack is the Asprox botnet and it has been around for quite some time . The botnet is searching the web for certain .ASP pages and then launching an SQL injection attack against these pages when vulnerabilities are found.

The botnet adds a special .js file on attacked sites which is pointing to yet another .js file on another domain. Depending on your country of origin you may be redirected to www.msn.com without any danger at all, but if you’re lucky enough to be let in your computer will be filled with several vulnerabilities – all with intentions of hocking your computer up to the botnet.

Trend Micro says:

Unfortunately, security is still a major issue with the majority of Web sites, and until it becomes one of the core design goals from the start of a Web site project, expect to see more YAMSIA (Can you tell I’m trying to get this mnemonic to stick?) blogs in the future.

Read the full story here, or start working on your insecure SQL code immediately.

Popularity: 17% [?]

You may also be interested in...
No related posts

This entry was posted on Saturday, July 19th, 2008 at 2:02 pm and is filed under ASP, Botnet, SQL, Trend Micro. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.