Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Anti-Santy worm on the prowl

  • Please log in to reply
No replies to this topic

#1 KoanYorel


    Bleepin' Conundrum

  • Members
  • 19,461 posts
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:05:42 PM

Posted 31 December 2004 - 08:06 PM

Anti-Santy worm on the prowl An anti-Santy worm that uses search engines to spread among online bulletin boards has been spotted, a security company has reported. Published: December 31, 2004, 8:52 AM PST By Ingrid Marson Special to CNET News.com F-Secure said on Friday that it was aware of seven sites that had been defaced by the worm, which appears designed to combat the Santy worm. The anti-Santy worm searches Google for sites that use the PHP Bulletin Board (phpBB) software exploited by the earlier worm, infects the sites and attempts to make the sites more secure by installing a patch. Mikko Hyppönen, director of antivirus research at F-Secure, said that although the worm may seem beneficial, in fact it is likely to cause problems for administrators who will have to handle the increase in traffic. "I can't comment how effective it is in fixing the sites," said Hyppönen. "If a site is infected, the worm causes a huge amount of traffic and slows down the site. I don't think it's possible to write a beneficial worm." Sites that have been attacked by the anti-Santy worm are defaced with the words: "viewtopic.php secured by Anti-Santy-Worm V4. Your site is a bit safer, but upgrade to >= 2.0.11."
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users