Switched has a new home! Huffpost Tech.

Click here to visit the new home of Switched!

Hot on HuffPost Tech:

See More Stories
AOL Tech

Malicious Infection Turns Your Computer Into a Spam-Sending 'Bot

by Chad Mumm on March 18, 2009 at 12:42 PM

The newest trend in Internet infection is growing at an alarming rate, according to Breach Security Lab's recently released Web Hacking Incidents Database (WHID) 2008 Annual Report. The attack is called an SQL injection and it works by corrupting the database layer of a Web site. This type of attack, once thought nearly obsolete due to the legwork required of the hacker, was resurrected when the hacking community began automating the process last June, allowing for a 300-percent increase in SQL injections in 2008.

The exploit essentially opens the infected site up to the hacker's whims. Once they gain control, they can install malware ranging from data stealers to viral spam. If you click on an exploited link and become infected, your secure information is compromised and your PC becomes susceptible to control by the infection, acting as a bot to help spread spam and deliver more infections to other computers. This means that infections can have near exponential growth; alarming, since some 500,000 sites have been infected, including government Web sites like the U.S. Department of Homeland Security's.



Experts from IBM Security Systems say that many new Web site features, such as online music, video, photos, and documents, are at the greatest risk of attack, but you should be safe as long as you keep your programs and applications up to date, particularly Web-intensive ones like your browser and music player (just make sure you install updates on any programs as soon as they become available). We know it's easy to click 'cancel' whenever auto-update pops up, but as we continue to put more and more of our data on the Web, it's crucial to stay current with the newest security updates. [From: USA Today]

Related Links:

Tags: bot, botnet, botnets, infection, infections, malware, security, sql, sql injection, sql insertion, SqlInjection, SqlInsertion, viruses

Comments

1

Add your comments

Please keep your comments relevant to this blog entry. Email addresses are never displayed, but they are required to confirm your comments.

When you enter your name and email address, you'll be sent a link to confirm your comment, and a password. To leave another comment, just use that password.

To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br /> tags.

HuffPost AOL Social News Most Popular