A large scale SQL injection attack has injected a malicious iframe on roughly 20,000 susceptible websites. The iframe loads malicious content from 318x.com, which eventually leads to the installation of a rootkit-enabled variant of the Buzus.backdoor trojan. The attack could allow arbitrary code execution as well as read or write access to the database. Read the full article on Help Net Security: A large-scale SQL.com attack has left 163,000 voter data records exposed to fraud.
Source: https://threatpost.com/new-sql-injection-affects-132000-121009/73245/