Bad Evil Worm Eats Evil Websites
An without-end of fotorreceptora leather strap that identifies potential victims procurarando Google is spreading between bulletin plates in line using a vulnerable version of phpBB of the program, said professionals of the security in tuesday. The without-end of Santy uses an imperfection, announced last week, in the software that interprets the pages of the fotorreceptora leather strap extensively writings in the language scripting used PHP: Preprocessor Of Hypertext (PHP). However, better that attempt of infect all the places of the fotorreceptora leather strap that function PHP, the without-end preferivelmente whiten a specific application -- the PHP bulletin plate (phpBB) -- and look Google for vulnerable places, antivirus said firm Kaspersky in an indication. Almost 40,000 places can already infected. Using the engine of search of Microsoft to make the sweepings for the phrase "NeverEverNoSanity" -- part of the text of defacement that the without-end of Santy if uses to substitute rasps in places infected of the fotorreceptora leather strap -- of returns almost 39,000 strokes. The click to the sight "Santy.a is spreading rāpidamente, and is causing an epidemic," antivirus indicated firm Kaspersky in a new release published tuesday. "however, this does not affect directly using. Although the without-end infects local of the fotorreceptora leather strap, infect the used computers not to see those places." The without-end emits the Google a specific order of the search, asking for essentially a list of vulnerable places. Armed with the list, the without-end tries then to spread 2 those places using a projected order of PHP to explore the software of the bulletin plate of phpBB. The without-end is the the most delayed twist in using Google because a tool of the attack, known practical one as to cut of Google. It can the first time also be that a program used Google to identify victims for an attack. Around 6 million local seem to function the software of phpBB, in accordance with a search of Google for the phrase "powered for phpBB" -- a recognition added to the deep one of all the place that uses software. "it has tons of the bulletin plate of these PHP installs around," said Johannes Ullrich, main officer of the technology of the center of the storm of the InterNet, that follows threats in line. To use Google to determine vulnerable places is not an exercise academic. The without-end makes that one accurately: A time that Santy infects a Web site, looks Google for other places that function phpBB and also tries then infect those places. Later that fęz examination on of a place, the without-end all suppresses the pages of the HTML, PHP, active pages of the user (ASP), user of Java (JSP), and safe pages of the HTML, and substitutes them with the text, "this place is disfigured! This place is disfigured! Generation of NeverEverNoSanity WebWorm X, "in accordance with Kaspersky. For "X," the without-end it introduces a number that represents as the current example of the program is gone down distant of the original release of the without-end. The MSN searches had found 2âs generations of the without-end. Google did not comment immediately in the without-end, but one spokesman said that the company had seen the information and it had started it to study the edition. The reply, or the lack of this, frustraram some members of the community of antivirus, that it believed that the giant of the search could fācilmente stop the without-end filtering for is of its search for victims. "we know accurately that he looks for to stop," we said Mikko Hypponen, director of the research of the firm of antivirus F-Seguro. "it would be trivial to stop this thing." The places of the fotorreceptora leather strap that use a vulnerable version of PHP must promote, the place of the project of phpBB recommend.