Up to 114,000 websites may have been compromised from a recent widespread attack, including sites belonging to the Wall Street Journal and Jerusalem Post, Computer World reports.

According to the report, hackers managed to post malicious HTML code on thousands of websites, causing users to be redirected to a malicious web server. The server then attempted to install malware on the computers, and, if successful in bypassing the computers' desktop security, offered foreign entities remote access to users' PCs.

Although information is still being gathered, security researchers suspect the attackers used a structure query language injection to manipulate the websites, Computer World relays.

According to Sophos, the security company identified the attack on the Jerusalem Post as attempting to load Mal/Behav-290, a known malware. The company believes the attacker used a "scattergun" approach to infect as many websites as possible.

Sites such as the Washington Post's were not completely infiltrated, Computer World reports, and only a few pages displaying real estate ads were breached.

An SQL injection occurs when user input is directly placed into an SQL statement without being filtered for potentially dangerous items. Victims of this type of attack can become vulnerable to data theft and modification, according to CGI Security. Hackers will test a URL's susceptibility to an SQL injection by typing in single quotes into a site's input field and waiting to see if a particular error message pops up. ADNFCR-2553-ID-19830963-ADNFCR