more than 1.5 million web pages compromise by compromises

attack manifestation

according to Websense Security Labs. A ton of web pages  have been compromised by a huge malware attack dubbed LizaMoon. The attack shows that malware is a bigger menace than ever and that many web sites aren’t protected.
The attack is an SQL injection attack, which exploit badly written web applications and mess up a web site’s databases. Through programming errors, SQL injection attacks can be launched in any programming language. The underlying cause is that a programmer trusts input that comes from another web page. The input is passed along directly into the database; if the input is malformed in a particular way, the result is the database will run code of the attacker’s choosing.
The result of the attacks is that the web pages being visited aren’t being loaded. Previously, the attack was redirecting users to a fake antivirus site. Websense noticed the attack starting on Tuesday, when 28,000 URLs were already compromised.by taatjene, from Venturebeat