` LIZAMOON' SQL INJECTION
ATTACK IS OUT OF CONTROL
Legitimate Websites have been compromised with one
line of codeÐ a simple redirectÐ that has been embedded
on these sites. The bulk of the action happens on the
redirected page, where a script containing JavaScript code
kicks off the fake AV scam.
Amass SQL injection attack that initially compromised 28,000 Websites has spiraled out of control. At the
last count, more than a million sites have been affected,
with no end in sight.
Security firm Websense has been tracking the ª LizaMoonº
attack since it started on March 29. The company' s malware researchers dubbed the attack LizaMoon after the first
domain that victims were redirected to. At the redirected site,
users saw a warning dialog that they had been infected with
malware and got a link to download a fake antivirus.
The domains used in this attack are all associated with
one of four IP addresses, according to Dancho Danchev, an
independent security expert. While the 20 or so domains
being used as the redirect URL rotate between two IP
addresses, Danchev has identified more than 120 India-based or Cocos Island-based domains all pointing to one
malware host server, and 50 India-based domains going
to another. The domains have all been registered using
automatically registered accounts at Gmail, he said.
The good news: Users are hit with the Windows Stability
The users are shown various threats that are supposedly
on their computer, but the fake AV, Windows Stability Center,
won' t remove them until the user pays up, in a ª very tradi-
tional rogue AV scam,º wrote Patrik Runald, the Websense
researcher following the attack. More than 500,000 URLs
have been injected with LizaMoon, according to Runald.
Center scam only once, so visiting the site repeatedly doesn' t
repeat the attack. The bad news: Not many antivirus programs
seem to be able to detect the Windows Stability Center.
For more articles on this and related topics, go to
eweek.com.
ANDROID LOCKDOWN
STORY
When it first hit the marketplace, Google Android had a lot to offer smartphone manufacturers looking for an
operating system capable of tackling Apple' s iPhone: It was
open source and license-free and could be modified to suit
the needs of a particular carrier or company.
But Google, concerned about platform fragmentation and
competing against Apple' s tightly integrated soft-ware-hardware stack, is reportedly interested in
bringing a little law and order to Android' s Wild
West: According to Bloomberg Businessweek,
Google' s Android group is demanding approval
for anything companies do with Android code.
Google offered no comment when asked by
e WEEK about its Android control plans. If verified,
its decision could have wide-ranging effects. ª In
the short term, [Google' s decision] re-enforces
the notion that there are some quality issues for
the Android app portfolio,º Al Hilwa, an analyst with IDC, wrote
to e WEEK. ª These are the result of lightweight automated pro-
cedures around app approval, and we have seen the negative
effect in terms of usability, privacy and security.º
Nor have relatively loose standards helped Android' s
fragmentation issues, Hilwa added, which in turn harm ª the
perception of quality and value which ultimately determines
the profitability of the devices and success of apps for devel-
opers.º Manufacturing partners may balk at tighter Google
control, ª but in the long term, it is in their interest.º
A stronger Android Marketplace could give the app plat-
form more parity with Apple' s App Store and help blunt
competitive momentum for similar online storefronts from
Microsoft, Hewlett-Packard and Research In Motion.
ª Google' s value proposition was that they would be vastly
easier to deal with than Microsoft and let the
vendors better differentiate,º Rob Enderle,
principal analyst of the Enderle Group, wrote to
e WEEK. ª They found that this led to a lot of crap
being released on the market, and they sucked
at vendor collaboration. They are now rethinking
that approach by being even more controlling.º
Enderle believes Google' s attempts will ulti-
mately backfire. ª Google, after failing at being
different from Microsoft, is going to try and beat
Microsoft at [its] own game,º he wrote. ª That
virtually never works, which will likely force them to get closer
and closer to Apple' s model. Rather than figuring out how to
make their idea work, they are killing it by being too unwilling to
form more cooperative relationships with their OEM partners.º
For more articles on this and related topics, go to
eweek.com.
