Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Year old Joomla exploit being abused...
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Year old Joomla exploit being abused... (Read 2941 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33902
malware fighter
Year old Joomla exploit being abused...
«
on:
April 18, 2013, 06:28:26 PM »
See here:
http://ninjafirewall.com/malware/index.php?threat=2013-04-02.01
and
http://www.nonumber.nl/forum/NoNumberExtensionManager/11206-update-of-framework-plugin
(reply posted by Peter van Westen (admin)
See:
http://urlquery.net/report.php?id=2064082
IDS for ET POLICY Maxmind geoip check to /app/geoip.js ->
http://doc.emergingthreats.net/bin/view/Main/2015878
-> credits to Gmane reporting trojan activity with this:
http://comments.gmane.org/gmane.comp.security.ids.snort.emerging-sigs/17952
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
DavidR
Avast Überevangelist
Certainly Bot
Posts: 89061
No support PMs thanks
Re: Year old Joomla exploit being abused...
«
Reply #1 on:
April 18, 2013, 07:38:59 PM »
Well the only reason it is being abused (if this exploit is a year old) surely is the lack of security awareness of web-masters and hosts not keeping their content management software updated.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
polonus
Avast Überevangelist
Probably Bot
Posts: 33902
malware fighter
Re: Year old Joomla exploit being abused...
«
Reply #2 on:
April 18, 2013, 09:05:32 PM »
Hi DavidR,
Certainly this is one of the main reasons why websites get compromised - namely outdated and non patched website software.
But there are also other things that could get hopelessly wrong with for instance plug-in abuse on Joomla, see this example discussed here:
http://blog.sucuri.net/2013/04/when-good-plugins-go-bad-seo-spam-on-joomla-sites.html
(link article author = Daniel Cid)
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33902
malware fighter
Re: Year old Joomla exploit being abused...
«
Reply #3 on:
April 21, 2013, 07:17:06 PM »
Another instance:
http://urlquery.net/report.php?id=2088586
avast! Network Shield blocks effectively as URL:Mal
So we are being protected against offending IP going to htxp://199.201.123.83/ with IP fraud ET POLICY Maxmind geoip check to /app/geoip.js
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Year old Joomla exploit being abused...