Looks like a lot of sites running phpBB 2.x have been getting hit by the Perl.Santy worm. Symantec Security Response says, Perl.Santy is a worm written in Perl script that attempts to spread to Web servers running versions of the phpBB 2.x…
.
So, if like cLin, your running phpBB you should really check the phpBB site to see what measures need to be taken.
The worm, deletes certain types of files, including .asp .jsp .php
, and puts the following on the site that was compromised:
This site is defaced!!!
NeverEverNoSanity WebWorm generation 11.
Comments
The opinions expressed in comments are entirely the responsibility of the various contributors. While I will do everything within reason to ensure that they are not defamatory, I accept no liability for them or the content of links included in them.
Anonymous (#2156)
devious