More than 1,000 websites in Japan and abroad were hacked in March in attacks similar to one that hit Trend Micro Inc., the world’s leading Internet security provider, Internet security entities said.
The attacks, which also affected websites in Britain, Canada and South Korea, apparently came from within China, according to those companies and organizations.
The attack that embarrassed Trend Micro took place on the night of March 9. About 30 Web pages in Japanese and English that list virus information were modified.
The company closed the site on March 12 and reopened it the next morning after correcting the problems.
According to LAC (Little eArth Corp.) Co., a network security company, at least 1,000 websites were manipulated starting March 4, with more than 13,000 pages affected in total.
The attacks used a technique known as “SQL injection” that can manipulate a website database, according to Trend Micro and LAC officials.
LAC officials said judging from IP addresses, the attacks came from within China.
“Large-scale attacks on Japan (sites) from within China that utilize SQL injection and certain other techniques became conspicuous around November,” said Yu Arai, a LAC researcher.
“The latest wave appears to be one of these kinds of attacks,” Arai said.
In the latest cases, websites vulnerable to such cyber attacks had their programs tampered with so viewers would automatically be redirected to other sites where viruses were downloaded.
Since the pages are designed in ways viewers cannot recognize the redirection, a Trojan horse virus, capable of stealing data, could have sneaked into their computers.
When Trend Micro apologized to its customers March 12, it said its pattern file, or protection database, which was distributed March 10, had already included the virus. It said the redirecting code also failed to work properly if URLs were copied for access.
The JPCERT (Japan Computer Emergency Response Team) Coordination Center, a nonprofit entity providing Net security information, has confirmed similar damages were observed in Britain, Canada and South Korea.
The center calls on Internet users to use the latest anti-virus software and always update it in order to prevent such attacks.
The SQL injection was used in 2005 to attack price-comparison website Kakaku.com and the site of travel agency Club Tourism International Inc.
You must be logged in to post a comment.