Santy Is Back
Days after Google acted to thwart the Santy worm, security firms warned that variants have begun to spread using both Google and other search engines.
Source: c|netThe Santy problem originally flared up a week ago as bulletin board Web sites found their pages erased and defaced by the worm's own text. The worm spread by targeting pages that used vulnerable versions of the PHP Bulletin Board (phpBB) software, and used Google to locate those pages.
After Google took measures to prevent the worm from executing Google searches for the faulty bulletin board software, Santy variants are making the rounds using AOL and Yahoo search, according to security firms, and are still targeting Google as well.
"Perl.Santy.B is a worm written in Perl script that attempts to spread to Web servers running versions of the phpBB 2.x bulletin board software prior to 2.0.11," warned Symantec in a Dec. 26 bulletin. "It uses AOL or Yahoo search to find potential new infection targets."
0
Comments
We're patched up but I've had to pwd protect the site to prevent getting sluggish response - password is shown if you want to visit