Akamai Diversity

The Akamai Blog

Mobilizing SQL Injection Attacks: Same Pig, New Lipstick?

In the past years we have seen an increase in distributed attacks against web applications. By using many attacking resources to target the same destination, attackers are obscuring their identity while boosting attack bandwidth, placing a greater challenge to defensive forces. Most of the distributed attacks use "volumetric" methods such as Distributed Denial of Service (DDoS) or brute force techniques such as "slow and low" to attack web applications.
The most prevalent way to execute these kinds of distributed attacks is by using a remote attacker who controls botnet members or re-routing traffic through open proxies. In both cases the attacker is trying to hide the origin of the attack against the targeted application from the intended victims.

But recently Akamai's Threat Research Team uncovered a distributed attack campaign that differs from the common distributed attack model described above in two important aspects.

Specifically: this attack relied on non-volumetric, targeted SQL injection attacks against target applications. Second: the attackers executed their attack from within a mobile carrier network, abusing native functionalities to hide their origin.

Continue reading on "The Security Ledger": https://securityledger.com/2015/05/mobilizing-sql-injection-attacks-same-pig-new-lipstick/