Google kicks worm into touch

Share this article:

Google has finally stopped the Santy worm dead in its tracks, thanks to lobbying from anti-virus vendors. The worm, which trawls Google for vulnerable versions of bulletin board software known as phpBB, had reached epidemic proportions by Tuesday night.

Google responded to Finnish anti-virus firm F-Secure in an email admitting its was slow to stop the virus, "While a seven hour response for something like this is not outrageous, we think we can and should do better. We will be reviewing our procedures to improve our response time in the future to similar problems."

Earlier on Tuesday Mikko Hyponnen, research director at F-Secure had appealed for Google to put a halt to the spread of the virus, that infected upwards of 40,000 sites.

"We've been trying to reach the right persons at Google for the past hours... they could stop this Santy outbreak right now simply by stopping responding to the queries the viruses uses. This wouldn't hurt any end users and would in fact take load off from Google servers," he said.

Such was the early success of Santy that by mid-Tuesday Russian anti-virus company Kaspersky had declared its spread an "epidemic". Today a search shows that nearly 30,000 websites remain compromised with the words "This Site Is Defaced!!! NeverEverNoSanity WebWorm generation 22."

The Santy worm creates a search request which results in a list of sites running vulnerable versions of phpBB. It then automatically exploits this vulnerability. Google's action has prevented the virus from spreading any further, but upgrading phpBB (to 2.0.11) is still recommended.

www.f-secure.com
www.viruslist.com

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

Proofpoint acquires Nextgate for $35 million

The recent acquisition will allow Proofpoint customers to further secure their social media accounts.

NIST finalizes cloud computing roadmap

NIST finalizes cloud computing roadmap

The NIST architecture is designed to accelerate the adoption of cloud computing.

Chinese MitM attack targets iCloud users

Chinese MitM attack targets iCloud users

The attack used a false certificate to trick iCloud users into handing over personal data and login credentials. With an attack of this size, some experts and researchers believe the ...