« OrderBox Available in 8 Languages | Main | New optical disk offers huge storage »
January 10, 2005
Google Worm Defaces Web Sites
Kaspersky Labs, a Russian company that develops security software, said on Tuesday that it had discovered Net-Worm.Perl.Santy.a, a new worm that uses the Google search engine to find vulnerable systems, reports say.
The worm reportedly queries Google for Web sites running vulnerable versions of phpBB, a software for creating Internet forums using the PHP scripting language. It then connects to those sites and exploits a vulnerability to access the server running the bulletin board software. The worm, according to reports, then overwrites .htm, .php, .asp, .shtm, .jsp, and .phtm files with text that reads: "This site is defaced!!! This site is defaced!!! NeverEverNoSanity WebWorm generation."
Netcraft reported this week that the vulnerability in php can be used to steal database passwords. Recently, the PHP Group released fixes for versions 4.3.10 and 5.0.3 of PHP, closing vulnerabilities in the scripting language.
According to reports, Google did not comment on the issue.