The guys over at Bloombit (British Columbia based firm) have provided an excellent analysis of an automated encoded SQL Injection attack which describes many of the techniques that malware distributors are using these days. And also provides some good pointers on how to prevent them. A few of the key points I got from the article:
- Enforcement of parameterized SQL statements is important where possible.
- Google and other web-based search tools are used to find starting points to conduct their probes (find your sites before they do!)
- Profit motivated criminals drive this issue - not script-kiddies.