Newly detected SQL injection attack snags Apple in wide net
A new series of mass SQL injection attacks has planted links to malware sites and hidden iframes in over a million webpages, including parts of Apple's website. The technique is similar to a standard SQL injection attack, but uses obfuscation to disguise the data in hopes of routing around any rudimentary input checking.
The attack was detailed earlier this week by security researcher Manuel Humberto Santander Peláez. The attacks rely on a series of SQL commands stored as hexadecimal data preceded by a CAST command. When decoded, it attempts to inject iframes into data tables, which then end up being rendered in webpages that use the tables to build its HTML code dynamically. The attacks lead to Russian top-level domains that appear to be sources of malware.
