p2pnet.net News:- F-Secure gives the new Santy worm, that uses Google search to find vulnerable hosts, a Level 2 Radar rating.

Santy tries to infect web servers running a popular online bulletin board phpBB, F-Secure points out, saying Santy overwrites files such as .htm .php .asp .shtm .jsp .phtm, replacing them with the message:

This site is defaced!!!
NeverEverNoSanity WebWorm generation X

But, “Antivirus experts do not believe Santy.A deposits Trojan horse programs or other malicious code on the systems it infects,” says the IDG News Service, going on:

“Also, Santy does not affect individual computer users, unless they are hosting a bulletin board from their computer that uses the phpBB software, antivirus experts said.”

However, F-Secure manager of antivirus research Mikko Hyppönen is quoted as saying Santy.A could act as a road map for malicious hackers ooking for vulnerable computers to exploit.

“Both F-Secure and Kaspersky Labs posted updated antivirus definitions Tuesday that can spot the Santy.A worm and advised customers to update their antivirus software as soon as possible,” adds IDG.

===================

See:-
NeverEverNoSanity – F-Secure Virus Descriptions : Santy, December 21, 2004
Trojan horse - New worm, Santy, using Google to spread, IDG News Service, December 21, 2004

This entry was posted on Wednesday, December 22nd, 2004 at 1:15 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HOME

Viewed 14726 times