As being reported more today, there is a large virus attack spreading across the internet. Unfortunately, the reporting appears to be on April Fool's Day, however it is not a joke.  The reports actually started earlier in the week.WebSenseSecLabsLogo

Websense Security Labs has updated its Tuesday alert concerning a malicious mass-injection scareware campaign it has dubbed LizaMoon -- an SQL injection attack that adds a line of JavaScript code to web pages that redirects users to a bogus web page that rotates on a periodic basis. Based on Google search results Thursday, more than 500,000 URLs had a script link to lizamoon.com, which has since been changed, Websense said.

"We have also been able to identify several other URLs that are injected in the exact same way, so the attack is even bigger than we originally thought," Websense security analysts wrote in a blog Thursday. "All in all, a Google search reveals over 1,500,000 URLs that have a link with the same URL structure as the initial attack."   --- reported on newsfactor.com -LizaMoon Pay-Up Scareware Spreads To 500,000 Sites - By Mark Long

The important thing to learn from this is that it is vital to update and patch your systems.

Outdated CMS and Blog systems?

Are you keeping your website updated? Not just with content, but the important patches and upgrades to the scripts you use?  WordPress, Joomla, vBulletin, x-cart, phpBB... the list goes on and on. So many of these PHP systems have been updated through-out the years, patching known exploits. Yet, so many webmasters, designers, developers, and site owners ignore the need for updates.  "It might break something" or "If it ain't broke, don't fix it." Sounds good, until it's too late.

Websense said it's still analyzing the scareware to see how it infects web pages. However, the security firm's researchers suspect that the attack has gained such widespread traction because it has been able to exploit "vulnerabilities in the web systems used by these sites, such as outdated CMS and blog systems."
Update on LizaMoon mass-injection and Q&A

Do you know what software you are using for your website? Is it up to date? Are you prepared to have your site hacked, and help spread an attack like this current one? OK, so maybe you don't know any of this geek stuff, but has your designer kept things updated?

Sure, I know this takes time and knowledge, and that usually means money. And though it may be easy fo geeks like me to quickly patch Joomla, the normal person is not going to deal with it.  I have disabled several scripts over the years on accounts on the Seven Sages servers, some dating back to 2000!  Seriously? You think something written in 2000 is secure?

I spoke with some developers recently who mostly use Joomla for their clients. I was curious how they handle the patches, because it is time consuming patching a hundred Joomla sites.  And they said they don't.

Build and Dump

Ok, these developers weren't the 'build and run' types. They did help maintain the sites after initial design, and were available as needed for fixes and add-ons. They were more responsible than most where a designer pops up WordPress, takes their money, and disappear.  But, while I understand keeping costs down, and 'don't fix when ain't broke', the problem is the system IS broken.  That is what the patches are for.

If someone came to your house and showed you that the lock on your door was defective and should be replaced, would you do it? What if it wasn't a recall paid for by the manufacturer, but just something that some evil-doer found how to unlock with a simple trick?   Would you replace the lock? Would you apply a fix so that this trick couldn't open your door?  Would you pay for that protection?

Of course you would fix the lock on your home. So why are you so lax when it comes to KNOWN security issues in your software? You wanted an interactive website, with bells and whistles, but you don't want to pay to maintain it?  Yes, the more fancy stuff you put on your site, the more likely a patch will conflict with something. But it also means there are more things that can be vulnerable.

Update your software, Now.

Don't put it off again. If you have no idea about this stuff, have your developer/designer assist you. Find out what software you use on your website, what version, and what updates are available.  Also, check any plug-ins you may have in the software, like commenting, social sharing, tags.

Don't let me have to say "I told you so". 

Upgrade now, or remove the scripts and simplify your site with basic html.

-Brian Shea

Seven Sages - Your Personal Webmasters
Looking to be bought-out since 1996

Large offers from big companies accepted. Help Brian retire early.