Santy internet worm attacks thousands of bulletin boards.A new intemet worm is defacing web bulletin boards across the globe. The Perl/Santy-A worm (also known as Santy) exploits a vulnerability in a piece of software often used to provide discussion forums and bulletin boards on the web, phpBB. The worm uses the Google search Google is owned by Google, Inc. whose mission statement is to "organize the world's information and make it universally accessible and useful". The largest search engine on the web, Google receives several hundred million queries each day through its various services. engine to try and find vulnerable bulletin boards on the web. According to media reports, Google has started blocking the worm's attempts to replicate. The Santy worm, which is written in Perl, spreads to vulnerable phpBB bulletin boards on both Windows-based and Unix-based platforms. Once the worm has spread to three or more servers it will attempt to overwrite (1) A data entry mode that writes over existing characters on screen when new characters are typed in. Contrast with insert mode. (2) To record new data on top of existing data such as when a disk record or file is updated. all HTM HTM HyperText Markup (file extension) HTM Hand To Mouth HTM harmful-to-minors HTM Held-to-Maturity HTM High Tide Mark HTM Hazlo tú mismo (Spanish: do it yourself) HTM Hierarchical Temporal Memory *, PHP (PHP Hypertext Preprocessor) A scripting language used to create dynamic Web pages. With syntax from C, Java and Perl, PHP code is embedded within HTML pages for server side execution. *, ASP*, SHTM SHTM Standard High Torque Motor SHTM Serverside HyperText Markup *, JSP (JavaServer Page) An extension to the Java servlet technology from Sun that allows HTML to be combined with Java on the same page. The Java provides the processing, and the HTML provides the layout on the Web page. * and PHTM PHTM Public Health and Tropical Medicine * files with a web page containing the following message: This site is defaced de·face tr.v. de·faced, de·fac·ing, de·fac·es 1. To mar or spoil the appearance or surface of; disfigure. 2. To impair the usefulness, value, or influence of. 3. !!! NeverEverNoSanity Web Worm generation # where # is a number which increases by one on each iteration of the worm. The good news is that this worm only affects web servers, not users who visit any of these bulletin boards," said Sophos. 'There have been serious security vulnerabilities found in the phpBB software in the past--and this incident underlines the importance of all people keeping up to-date with the latest security patches and fixes.' With the Santy worm released on 21 December, Sophos experts are theorising that it is possible the worm's distribution has been deliberately timed to coincide with the holiday season. "Can it really be coincidence that a worm which attacks web bulletin boards is released just as many companies and organisations who run such messageboards are shutting down for Christmas?' 'Many webmasters will be going home early for the holidays--and it's likely this worm will have a greater impact simply because the people who need to be at their desks to fix the problem, are relaxing in front of the fire.' Webmasters who run the phpBB software are advised to upgrade to the most recent version of the software at the earliest possible opportunity. 'With millions of websites around the world running the phpBB software it is essential that the message gets out to its users that they must take security seriously--and keep up-to-date with information about the latest discovered exploits. In June 2004 another worm, W32/MyDoom-0, disrupted the Googic search engine after it tried to use the popular website in an attempt to spread further. www.sophos.coni/virusinfo/analyses/perlsantya.html |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion