1. Home
  2. Computing & Technology
  3. Internet / Network Security
Network Security Blog

From Tony Bradley, CISSP-ISSAP, Former About.com Guide to Network Security

Asprox Botnet Compromises Web Sites

Thursday May 15, 2008
A botnet is being propagated in a worm-like fashion and infecting vulnerable web sites. Once a web site is compromised, it redirects users to download a malware package, which also includes the Asprox code. The Asprox code then seeks out new vulnerable web sites to compromise and continue to spread. Asprox uses SQL injection on vulnerable Active Server pages to compromise weak sites. According to this report from The Register, the SQL injection attack has compromised about 1,000 web pages thus far, and only 4 of the 32 antivirus products tested were able to detect or identify the threat.

Comments

July 30, 2008 at 6:14 pm
(1) Tom Smith says:

This virus took my site offline for 3 weeks and I had to seek an internet security company to fix my site.

It cost me £50 but well worth it after the hastle I have had!!

Hope this helps others:
http://www.firestorm-online.com/trojans/asprox/

October 13, 2008 at 12:58 pm
(2) Raviv Raz says:

More details on ASPROX, SQL Injections at:

http://chaptersinwebsecurity.blogspot.com/2008/07/asprox-silent-defacement.html

You can find download links for:

- Injector: tests for ASPROX vulnerability on websites
- dotDefender: protects web sites against ASPROX

Raviv

Leave a Comment

Line and paragraph breaks are automatic. Some HTML allowed: <a href="" title="">, <b>, <i>, <strike>

Explore Internet / Network Security
About.com Special Features

Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >

Easy ways to connect two computers for networking purposes. More >

  1. Home
  2. Computing & Technology
  3. Internet / Network Security

©2009 About.com, a part of The New York Times Company.

All rights reserved.