Shall I compare thee to an SQL Injection?

Filed Under: Malware, SophosLabs

" Shall I compare thee to an SQL Injection?
Thou art more common and more widespread:
Rough winds do shake the World Wide Web, "

Apologies to the bard.

Over the last couple of days WS1000 customers, primarily in the K-12 market, have been reporting infections on a Poem repository based in Turkey. The site seems to hold the works of several popular poets.

  • Pablo Neruda
  • Charles Bukowski
  • Edgar Allan Poe
  • Emily Dickinson
  • William Shakespeare
  • William Blake
  • William Butler Yeats
  • Rudyard Kipling
  • Octavio Paz


The site is infected with Mal/Badsrc-C and will attempt, eventually, to infect victims with a downloader Trojan we proactively block as Mal/TinyDL-T. SophosLabs is in the process of contacting the site owner and will update this blog in the near future.

You can read more about SQL Injections and how to avoid them on the Sophos web site.

You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s