Hackers launched cyber attacks on more than 50 South African Internet forums, also known as "PHP bulletin boards", over the weekend.
Barry Cribb, MD of Internet security services provider IS Digital Networks, explains that PHP BB is a popular utility used on many Web sites, to provide a discussion forum for users. He says the bulk of the weekend attacks were targeted at a known PHP BB vulnerability.
Cribb says the forum sites, running from different servers, were defaced by overwriting the pages. The vulnerable sites attacked included those of public and charitable organisations.
"Since the middle of March 2005, 425 defacements have been posted on the defacement archive www.zone-h.com/en/news mirror site, possibly by the same attacker."
He says the defacement mirror site keeps copies of sites that hackers notify them they have defaced.
"The installer or the owner of the Web site is responsible for addressing vulnerability applications, and not the hosting company, and failure in the way these applications are written and maintained will undo the work performed by server administrators," says Cribb.
"With a hacker actively scanning for this specific vulnerability, it is only a matter of time before more sites are detected. It is critical that companies not only have a firewall but that it is regularly checked for vulnerabilities.
"In response to these attacks, we have posted links to both the announcement and the download required to resolve this vulnerability at http://www.isdigital.co.za/news.html."
Share
