ISP hit by SQL attack to affect over 100,000 websites

The strength of the SQL injection has been demonstrated with an attack on a large internet service provider.

 

An attack has been made upon Vaserv.com with the data for around 100,000 websites destroyed by attackers who targeted a zero-day vulnerability in the HyperVM virtualisation application.

 

According to The Register, Vaserv.com director Rus Foster claimed that data for about half of the websites hosted on Vaserv was destroyed all at once sometime on  Sunday evening, shortly after administrators noticed something strange on the system.

 

He claimed that the attackers had the ability to execute sensitive Unix commands on the system, including ‘rm –rf' that forces a recursive delete of all files.

 

At the time of writing, there have been no reports of any hacker claiming responsibility for the attack, although Foster claimed that it was an SQL attack and that it was deliberate.

 

Amichai Shulman, CTO of Imperva, said: “If this is indeed SQL injection it is yet another demonstration of the power of this attack. A month or so ago the DNS Registrar for Puerto Rico was hit by an SQL Injection attack resulting in domains like google.pr, Microsoft.pr and others referencing attacker controlled servers delivering malware.

 

“SQL Injections are getting meaner by the day. The bottom line: companies need to maintain a tight-fisted control over the traffic flowing in and out of the full application stack.”

Sign up to our newsletters