Page is a not externally linkable
pageoneresults - 11:13 am on May 27, 2008 (gmt 0)
2008-04-28 - No New IIS Or Microsoft SQL Server Vulnerabilities, Despite Claims 2008-04-28 - Half a million sites hit by huge web hack 2008-05-15 - Phishing botnet turns to SQL-injection attack This was interesting... Emphasis mine. Search Google for Goolag.
Here is a bit more information related to this sql injection hack. This is a must read for all Microsoft folks, as we are at the forefront again...
[webmasterworld.com...]
[techworld.com...]
[techworld.com...] It's so bad, in fact, that while security companies urged website administrators to check their server logs for evidence of a compromise, and told corporate security staffs to block several malware-hosting sites at their companies' perimeters, they didn't have much useful advice for end-users. After the Asprox botnet seeds its bots with the msscntr32.exe file, the attack tool launches and uses Google's search engine to find potentially-vulnerable pages. It then hits those pages with a SQL-injection attack and, if successful, plants a malicious IFRAME on the site.