Internet monitoring firm Websense is warning of a huge SQL injection attack that has succeeded in infecting over 28,000 legitimate internet sites.
Dubbed LizaMoon after the originating domain lizamoon.com, the attack injects into web sites a single line of code that links the viewer to a well-known fake security software site at defender-uqko.in.
The attacking domain and the linking site are currently offline, but Websense said this could change at any time at the whim of the attacker. The lizamoon.com domain was set up three days ago using data which appears to be faked.
Websense has spotted some of the code in iTunes URLs, but said that Apple's security policies would have blocked any attack.
"The way iTunes works is that it downloads RSS/XML feeds from the publisher to update the podcast and list of available episodes. We believe that these RSS/XML feeds have been compromised with the injected code," Websense said in a blog post.
"The good thing is that iTunes encodes the script tags, which means that the script doesn't execute on the user's computer. So good job, Apple."
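The encoding behaviour Websense describes can be illustrated with a short sketch, added here as an example and not taken from Websense or Apple: a feed field carrying an injected script tag is rendered once by plain concatenation and once with output encoding, and a simple check flags the tainted field. The feed contents, the `injected.example` URL and all function names are constructed for illustration and do not represent how iTunes is implemented.

```python
import html
import re
import xml.etree.ElementTree as ET

# Constructed sample feed: the second episode title carries an injected script
# tag, XML-escaped the way it would travel inside a compromised feed field.
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel>
<title>Example Podcast</title>
<item><title>Episode 1</title></item>
<item><title>Episode 2&lt;script src=http://injected.example/x.js&gt;&lt;/script&gt;</title></item>
</channel></rss>"""

SCRIPT_TAG = re.compile(r"<\s*script\b", re.IGNORECASE)


def episode_titles(feed_xml):
    """Return item titles as decoded text, exactly as a feed reader sees them."""
    root = ET.fromstring(feed_xml)
    return [item.findtext("title", default="") for item in root.iter("item")]


def render_unsafe(title):
    """Vulnerable pattern: feed text concatenated into markup, so tags stay live."""
    return "<li>" + title + "</li>"


def render_encoded(title):
    """Hardened pattern: output-encode the text so markup characters become entities."""
    return "<li>" + html.escape(title, quote=True) + "</li>"


def suspicious_titles(titles):
    """Detection: flag feed fields that contain a script tag once decoded."""
    return [t for t in titles if SCRIPT_TAG.search(t)]


if __name__ == "__main__":
    titles = episode_titles(SAMPLE_FEED)
    for t in titles:
        print("unsafe :", render_unsafe(t))
        print("encoded:", render_encoded(t))
    print("flagged:", suspicious_titles(titles))
```

Encoding at render time keeps the page safe even though the feed is still tainted, so the detection step is what tells the publisher that the underlying data needs cleaning.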