Welcome, Guest

Author Topic: Have we missed it?  (Read 1573 times)

Offline asleitch

  • House Bee
  • **
  • Posts: 202
Have we missed it?
« on: December 22, 2004, 01:36:19 PM »

Santy worm makes unwelcome visit
Screengrab of phpBB website, phpBB
The vulnerable software is used by thousands of sites
Thousands of website bulletin boards have been defaced by a virus that used Google to spread across the net.

The Santy worm first appeared on 20 December and within 24 hours had successfully hit more than 40,000 websites.

The malicious program exploits a vulnerability in the widely used phpBB software.

Santy's spread has now been stopped after Google began blocking infected sites searching for new victims.

Fast response

The worm replaces chat forums with a webpage announcing that the site had been defaced by the malicious program.

Soon after being infected, sites hit by the worm started randomly searching for other websites running the vulnerable phpBB software.

Once Google started blocking these search queries the rate of infection tailed off sharply.

A message sent to Finnish security firm F-Secure by Google's security team said: "While a seven hour response for something like this is not outrageous, we think we can and should do better."

"We will be reviewing our procedures to improve our response time in the future to similar problems," the Google team said.

Security firms estimate that about 1m websites run their discussion groups and forums with the open source phpBB program.

The worst of the attack now seems to be over as a search conducted on the morning of the 22 December produced only 1,440 hits for sites showing the text used in the defacement message.

People using the sites hit by Santy will not be affected by the worm.

Santy is not the first malicious program to use Google to help it spread.

In July a variant of the MyDoom virus slowed down searches on Google as the program flooded the search site with queries looking for new e-mail addresses to send itself to.

Offline Jerrymac

  • Galactic Bee
  • ******
  • Posts: 6047
  • Gender: Male
Have we missed it?
« Reply #1 on: December 22, 2004, 05:08:08 PM »
I have never understood why people create and send out these viruses and such. They get nothing out of it. Then it hit me as I read this, what if it is job security for those responsible for stopping these things?    Hummmmmmm....
:rainbowflower:  Light travels faster than sound. This is why some people appear bright until you hear them speak.   :rainbowflower:


My pictures.Type in password;  youview

Offline Jay

  • House Bee
  • **
  • Posts: 471
Have we missed it?
« Reply #2 on: December 22, 2004, 06:03:25 PM »
I never understood this either! It's not like an arsonist, say who can stand back and watch the fire s/he set burn. These people have no idea how many and who they have affected unless it comes out in the news later on. Maybe that's the way to stop them, just stop reporting about them, and they'll have no feedback or bragging rights!
By the rude bridge that arched the flood
Their flag to Aprils breeze unfurled
Here once the embattled farmers stood
And fired the shot heard round the world