Our Terms of Service and Privacy Policy have changed.

By continuing to use this site, you are agreeing to the new Privacy Policy and Terms of Service.

LizaMoon attack infects millions of websites

By Stacy Cowley, tech editor

NEW YORK (CNNMoney) -- Have you heard the scary news about 'LizaMoon,' a malicious code attack that has already infected more than a million websites?

Don't panic. This particular bit of hacker mischief is setting off alarms among online security watchdogs for its speed and scope, but built-in software safeguards mean few actual users will end up suffering.

The exploit drew headlines because it's affecting a surprisingly large number of websites -- nearly 4 million so far -- and because some of those sites feed into Apple's iTunes platform. Websense, the security software vendor that first broke the news about LizaMoon in its blog, played up the iTunes connection in its first warning about the attack.

But Apple (AAPL, Fortune 500) has iTunes designed to automatically neutralize this kind of threat. That means there's zero risk of an iTunes user's computer actually getting infected by this bit of malware. Websense acknowledged that in its latest LizaMoon update.

"Every time there's a mass-injection like this, and there really hasn't been anything this big before, we try to identify larger systems and sites that have been affected," the company wrote in its blog. "There are few systems out there bigger than iTunes, so when we saw that content on itunes.apple.com contained the injected link we wanted to make people aware of that, even if the script didn't work."

LizaMoon is what's called a SQL code injection attack, where a Web application vulnerability is exploited to inject malicious code into affected websites. If a Web surfer visits an affected site, they'll be redirected to a rogue website that tries to install a "scareware" file. The file generates messages warning the user that their computer is infected with viruses, and offers to sell them antivirus software in defense. Most actual, legitimate antivirus programs will detect and eliminate the malicious file.

And most websites have protections in place to prevent them from getting infected in the first place. While LizaMoon has infested million of websites, security experts say it's a run-of-the-mill threat that is mostly hitting obscure, low-traffic sites.

"Defense against your sites getting infected is the standard things we ought to be doing anyway," the SANS Internet Storm Center, a security monitoring site, wrote in its LizaMoon analysisTo top of page

Index Last Change % Change
Dow 17,798.49 -14.90 -0.08%
Nasdaq 5,127.53 11.39 0.22%
S&P 500 2,090.11 1.24 0.06%
Treasuries 2.22 -0.01 -0.31%
Data as of 3:59pm ET
Company Price Change % Change
General Electric Co 30.36 0.00 0.00%
Bank of America Corp... 17.48 0.04 0.23%
HP Inc 12.61 -0.03 -0.24%
Pfizer Inc 32.79 -0.08 -0.24%
Walt Disney Co 115.13 -3.54 -2.98%
Data as of 1:01pm ET


Sumner Redstone, the media mogul who controls Viacom and CBS, is at the center of a legal dispute. One side says he is practically unable to make decisions for himself. The other says he is "engaged and attentive." More

Gold futures hit a low of $1,051.60 an ounce, yet another reminder of just how out of favor gold has become since its all-time high of nearly $1,890 in 2011. More

Watsi crowdfunds donations to cover healthcare costs of those in need. And it's seeing a surprising trend: micro-donations via the popular Chinese social networking app, WeChat. More

Hive, a startup funded by the UN, is tasked with getting more Americans engaged with the refugee crisis. More

Facebook just increased the amount of paid time off new dads working at its international offices can take. More