Net-Worm.Perl.Santy.a
Anyone who got a visit by Santy this year??
A new Worm/Virus spread like wildfire through phpBB forums (like this one) this Christmas..
It doesn't affect home computers, just using a security flaw in older versions of the phpBB forum script to spread through the internet..
It is also using a vulnerability in PHP itself, so your host needs to upgrade that as well.
More info about the Santy worm here:
and here:
http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLD,GGLD:2004-51,GGLD:en&q=santy
Over 40,000 forums are supposed to be infected/defaced.
This forum was not defaced by the virus, but you can see that it has REALLY tried if you look at the info at the bottom of the index page...
It has eaten a significant amount of the bandwidth, but it should't have done any more harm than that.
There are a few temporary fixes to prevent the worm from entering your forum.
http://www.phpbb.com/phpBB/viewtopic.php?t=249010
But the most important one is to upgrade your forum(s) to version 2.0.11 ASAP!!
Anyone who got a visit by Santy this year??
A new Worm/Virus spread like wildfire through phpBB forums (like this one) this Christmas..
It doesn't affect home computers, just using a security flaw in older versions of the phpBB forum script to spread through the internet..
It is also using a vulnerability in PHP itself, so your host needs to upgrade that as well.
More info about the Santy worm here:
http://www.f-secure.com/v-descs/santy_a.shtmlSanty is a worm was found at December 21st, 2004. It uses a vulnerability in popular phpBB discussion forum software to spread and it uses Google search engine to find vulnerable servers. It does not infect end user computers.
Google has started filtering requests made by the worm at December 22nd, 2004, in order to stop the worm.
and here:
http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLD,GGLD:2004-51,GGLD:en&q=santy
Over 40,000 forums are supposed to be infected/defaced.
This forum was not defaced by the virus, but you can see that it has REALLY tried if you look at the info at the bottom of the index page...
Most users ever online was 507 on 24 Dec 2004 17:25 pm
It has eaten a significant amount of the bandwidth, but it should't have done any more harm than that.
There are a few temporary fixes to prevent the worm from entering your forum.
http://www.phpbb.com/phpBB/viewtopic.php?t=249010
But the most important one is to upgrade your forum(s) to version 2.0.11 ASAP!!