How Attacks against Pro-Tibet Web Sites Can Springboard Against Your Database
The sites, which sympathize with Tibet, are attacked by hackers taking advantage of interest in the China-Tibet issue; The "Fribet" trojan is left on the sites that become "possibly hijacked to host Exploit-MS07-004, which appear to be specifically crafted," according to Shinsuke Honjo and Geok Meng Ong of McAfee Avert Labs.
Visitors to the pro-Tibet sites are infected with malware and then the broader risk elevates. The trojan unloads remote control and monitoring functions, including the ability to create new files or folders and take instructions from command and control servers.
Patrick Nolan of the SANS Internet Storm Center sums it up:
Honjo and Ong recommend administrators double down on security of database back ends.
With other events this year that will be of major news and interest (the Olympics, the U.S. presidential election), you'll most likely want to keep your radar up to see if these tactics are employed in other scenarios down the road.