Net-Worm.Perl.Santy.a outbreak

Today we received reports about certain sites being defaced. Investigation has shown that a worm which utilizes a vulnerability in phpBB is responsible for this.

Screenshot of defaced website

PhpBB is a very popular software to use for internet boards/forums, so this affects a lot of sites. Therefore we are putting a Red Alert on it.

Currently there is no patch for this problem, only a work-around, which can be found here.

The worm is extra tricky because it replaces asp/php/htm/shtm files with its own code, not only meaning that you might lose data, but also that other sites using the same host get infected.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *