Monday, March 17, 2008

McAfee Warns of Mass Web Attack

phpBB - Mass Web Attack...

McAfee, uncovered a newer mass hack affecting over 10,000 web pages. That number has since doubled. This recent mass attack, which was similar to those reported by Dancho Danchev, but reference a JS file rather than an IFRAME.

The attack seems to have started more than a week ago, and nearly 200,000 web pages have been found to be compromised, most of which are running phpBB.

phpBB attacks rely on social engineering. phpBB mass hacks have occurred in the past, including those done by the Perl/Santy.worm back in 2004.

Here’s a brief video demonstrating how the phpBB attack looks from the end user’s perspective.



March 2008 - Mass Hack Demo from Schmooog on Vimeo.

No comments: