Secureworks reports that a botnet is attempting to use hijacked computers to propagate a SQL injection attack tool along with a spamming tool and a Trojan that steals passwords.
Joe Stewart of Secureworks writes that "As of yesterday, we observed the Asprox botnet pushing an update to the infected systems, a binary with the filename msscntr32.exe. The executable is installed as a system service with the name 'Microsoft Security Center Extension,' but in reality it is a SQL-injection attack tool.
When launched, the attack tool will search Google for .asp pages which contain various terms, and will then launch SQL injection attacks against the websites returned by the search."