March 18th, 2008
|
|
| Administrator Posts: 926 Country:  | Post - Mass Hacking of phpBB Forums!
From McAfee: Quote:
Yesterday we uncovered a newer mass hack affecting over 10,000 web pages. That number has since doubled. Today, I took a look at another recent mass attack, which was similar to those reported by Dancho Danchev, but reference a JS file rather than an IFRAME.
The attack seems to have started more than a week ago, and nearly 200,000 web pages have been found to be compromised, most of which are running phpBB. This contrasts yesterday’s attack in that the vast majority of those were active server pages (.ASP). The ASP attacks are different than the phpBB ones in that the payload and method are quite different. Various exploits are used in the ASP attacks, where the phpBB ones rely on social engineering. phpBB mass hacks have occurred in the past, including those done by the Perl/Santy.worm back in 2004.
| http://www.avertlabs.com/research/bl...s-hack-attack/
Here's some more info on the phpBB and ASP attacks: http://itnews.com.au/News/71994,cybe...web-pages.aspx http://www.itnews.com.au/News/72214,...k-exposed.aspx
Anyone who has been affected by this?? |
|
| |