Santy Worm Defaces Web Forums
Anti-virus vendors have raised the threat level on a new Internet worm squirming through Web servers that are running unpatched versions of the popular phpBB Web forum software.
Source: eWeekThe worm, known as Net-Worm.Perl.Santy.A or Santy, uses Google search to randomly find sites running phpBB and overwrites several different files to deface the forums.
By targeting the freely distributed phpBB, the defacement worm has become a major nightmare for some businesses that use the forum software to handle customer-service queries and other support issues.
In an advisory, security research outfit Kaspersky Lab said the Santy worm is "extra tricky" because it replaces several files on the server with its own code, meaning that other sites using the same host get infected.
Kaspersky Lab's advisory carries a "Red Alert" rating.
0
Comments
the only thing he didnt backup on a regular basis was the php files
the thing he felt was least likely to be distroyed or damaged
www.netpointfocus.co.uk/forum