PHP worms – all the buzz yet nobody really writes about it

like i just wrote to bugtraq, indeed, it has become an annoying trend everybody talks about but almost nobody writes about. trojan horses, worms, etc. exploiting php bugs. either vulnerabilities in known applications such as wordpress, phpbb, drupal, etc. or actually trying different permutations to attack the site.

many of these are in fact based on the old kaiten code. as someone mentioned previously in that thread or another, it can even be found on packet storm.

still, this latest one has a kick in the second payload with a worm that also attacks other systems and i can say is not just yet another php worm, but actually what i’d call linux malware.

anyone else seeing their web server logs going crazy with new patterns every day? email me, i am starting a sharing system where these can be shared mutually so we can better protect ourselves, create signatures, etc.

gadi evron,
ge@beyondsecurity.com.

Share