Intrusion Prevention

Danmec.Asprox.SQL.Injection

Description

The Asprox trojan is designed to create a spam botnet and send spam emails. It installs as a system service named "Microsoft Security Center Extension". It uses Google to search for .asp pages, then sends blind SQL-injection attack requests to the websites that are found.

Affected Products

Any website based on ASP technologies and using Microsoft SQL server as the backend database server.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Scan the infected system with Antivirus software.
Update the web application to the latest version.