So this is pretty big news eh!

LizaMoon is the domain that a newly discovered SQL injection vulnerability attempts to take viewers too.  From there it will attempt to load FAKE anti-virus software onto your computer.  It appears that this attack has affected nearly 1 million websites so far (http://www.google.com/search?q=%22src%3Dhttp:%2F%2F*%2Fur.php%22)

Websense.com has released excellent information and tracking of this SQL injection attack that appears to have start March 29th.

http://www.youtube.com/watch?v=wKI5dg1cs74

For more tracking of the injection attack visit WebSense.com’s community information at these urls…

http://community.websense.com/blogs/securitylabs/archive/2011/03/31/update-on-lizamoon-mass-injection.aspx

http://community.websense.com/blogs/securitylabs/archive/2011/03/29/lizamoon-mass-injection-28000-urls-including-itunes.aspx

http://community.websense.com/blogs/securitylabs/archive/2011/03/29/lizamoon-mass-injection-28000-urls-including-itunes.aspx

Stackoverflow.com has an example and log information as well as some tips for server admins to attempt to clean and prevent the issue from happening again.

http://stackoverflow.com/questions/3788080/attack-on-asp-site-that-uses-a-sql-server-database

Also for system administrators, OWASP – The Open Web Application Security Project has excellent resources on how to manage the infamous SQL Injection risk.

http://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet

http://www.owasp.org/index.php/Guide_to_SQL_Injection