manunkind writes:A Web worm that identifies potential victims by searching Google is spreading among online bulletin boards using a vulnerable version of the program phpBB, security professionals said on Tuesday. The Santy worm uses a flaw in the widely used community forum software known as the PHP Bulletin Board (phpBB) to spread, according to updated analyses. The worm searches Google for sites using a vulnerable version of the software, antivirus firm Kaspersky said in a statement. Almost 40,000 sites may have already been infected. Using Microsoft's Search engine to scan for the phrase "NeverEverNoSanity"--part of the defacement text that the Santy worm uses to replace files on infected Web sites--returns nearly 39,000 hits. "Santy.a is spreading rapidly," antivirus firm Kaspersky stated in a new release published Tuesday. "However, this does not directly affect users. Although the worm infects Web sites, it does not infect computers used to view those sites."
Related
Re: Net worm using Google to spread (Score: 1) |  | Is this related to the urldecode hole. Is my phpbb immune if I made that fix? |
Re: Net worm using Google to spread (Score: 1) | | This is legit: Patch your site IMMEDIATELY! Fix: http://www.phpbb.com/phpBB/viewtopic.php?t=240513 More Info: http://www.f-secure.com/v-descs/santy_a.shtml |
Re: Net worm using Google to spread (Score: 1) | | This worm only affect versions before 2.0.11: Worm.Perl.Santy.a can infect certain phpBB forums? Upgrade your version of phpbb-nuke from Nuke Resources: BBtoNuke 2.0.11 [www.nukeresources.com] |
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
