Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Security researchers are warning of a rapidly growing number of web sites infected by the Asprox spam botnet.Asprox is capable of launching SQL injection attacks, and has more than doubled its appearance on application service provider (ASP) sites from 5,000 to 11,000 overnight, according to M86 Security.The firm has tagged the botnet with a 'high severity' badge, meaning that it is particularly serious.M86 Security threat analyst Rodel Mendrez said in a blog post that Asprox had been used only to send spam, but that it is now responsible for SQL injections and the "mass infection" of web sites."This week our suspicions were confirmed when we came across another version of Asprox which started to launch spam and SQL injection attacks," he said.Once in place the bots attempt to contact three domains with a .ru address. Mendrez said that these are Asprox control servers that return spam templates, target email addresses and malware updates, and list ASP sites to target.The botnet also downloads an encrypted XML file that offers information such as Google search terms for finding more targets."Asprox is back with a vengeance, and doing typically Asprox-like things, namely spamming and SQL injection. Anyone have a feeling of déjà vu?" said Mendrez.