Largest mass attack on the world's websites detected this weeek
Millions of sites hit with mass-injection cyberattack
The attack was discovered on March 29 by security firm WebSense, and the injected domain was called lizamoon.com -- thus, the name of the mass-injection is "LizaMoon." According to WebSense, LizaMoon uses SQL Injection to add malicious script to compromised sites. While the first injected domain was lizamoon.com, additional URLs have since been injected in the attack (WebSense has a full list here).
Read more at www.computerworld.com
When WebSecurity discovered the attack on March 29, 28,000 URLs had been compromised. The number quickly grew to 226,000, including many iTunes URLs (though the malicious code is neutralized by Apple).