Hackers infect BusinessWeek website via SQL Injection attack

Sophos experts have discovered that the website of BusinessWeek, the world famous weekly magazine, has been attacked by hackers in an attempt to infect the readership with malware.

Hundreds of pages on a part of BusinessWeek’s website which offers information about where MBA students might find future employers have been struck by the SQL Injection attack – where a security vulnerability is exploited in order to insert malicious code into the site’s underlying database.

It’s worrying when any site suffers from a malicious SQL Injection attack, but when it’s also one of the 1000 busiest websites on the internet the stakes are even higher. The potentially large number of people visiting the site and accessing information to assist their careers may be putting their finances or personal data in jeopardy if they are not properly protected.

As we reported in our recent Security Threat Report, over 16,000 new infected webpages are discovered every single day. That’s one every five seconds – three times faster than the rate we saw during 2007.

View the following video to get more information (and – of course – feel free to embed it on your own websites if you like):

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

At the time of writing, the code injected into BusinessWeek’s website points to a website that is currently down and not delivering further malicious code. However, it’s worth bearing in mind that it’s status could potentially change at any time. Sophos informed BusinessWeek of the infection last week, although at the time of writing the hackers’ scripts are still present.

BusinessWeek, and the many other firms hit by SQL Injection attacks need to move fast to not only remove the malicious scripts, but also to ensure that they do not get infected again. Companies whose websites have been struck by such an attack often clean-up their database, only to be infected again a few hours later.