Google Becomes Unwitting Abettor for Santy Worm



The new Santy worm uses the Google search engine to find vulnerable websites and then defaces the sites’ bulletin boards. The worm, formally named Net-Worm.Perl.Santy, attacks website bulletin boards (Internet forums or message centers) running versions of the popular phpBB bulletin board application. The worm exploits a known security vulnerability in early releases of the phpBB application, defacing the contents of the bulletin board.


Santy uses the Google search engines’ ability to locate the boards; however, Google is taking quick, preemptive action to block the worm’s ability to search the online database.

Bulletin board owners can block Santy’s effects by updating their PHP installations to PHP 4.3.10 or PHP 5.0.3 and phpBB installations to version 2.0.11. PHP is an open-source development language widely used by website designers. phpBB is a popular bulletin board software that uses PHP to dynamically create HTML webpages and manage the messages posted to the bulletin board.

Dave’s Comment
Welcome, Google, to the big time. Sadly, this is one of the drawbacks to being popular, your services are more likely to be misused by those with misdirected intentions.

Call for Comments
What do you think? Leave your comments below.

References
Google
The PHP Group

About Todd Cochrane

Todd Cochrane is the Founder of Geek News Central and host of the Geek News Central Podcast. He is a Podcast Hall of Fame Inductee and was one of the very first podcasters in 2004. He wrote the first book on podcasting, and did many of the early Podcast Advertising deals in the podcasting space. He does two other podcasts in addition to Geek News Central. The New Media Show and Podcast Legends.