Hackers Hit BusinessWeek With Malware

BusinessWeek.com, which just last week publicly launched Business Exchange, a kind of social network for readers and industry leaders, has been hit by a SQL injection (define) attack.

Security software vendor Sophos discovered the vulnerability and notified BusinessWeek. Graham Cluley, senior technology consultant for Sophos, wrote on his blog that hackers tried to infect readership that used part of the site with malware.

"Hundreds of pages on a part of BusinessWeek's website which offers information about where MBA students might find future employers have been struck by the SQL Injection attack - where a security vulnerability is exploited in order to insert malicious code into the site's underlying database," the post said. Gluley told InternetNews.com that hackers are focusing on SQL injection attacks because "they want to take over your desktop, and companies are protecting their e-mail now, so the other way to get to your desktop is through the browser."