xbiz world
xbiz premiere

New Santy Variants Learn to Use Yahoo, AOL

CYBERSPACE — The Santy Internet worm, which was discovered last week and used the Google search engine to find vulnerable websites, has evolved to spread via other search engines following Google’s crackdown on the worm’s distribution mechanism.

Net-Worm.Perl.Santy.a, the original version of the worm, targeted phpBB online bulletin boards and searched Google for “viewfiles.php,” which allowed the worm to find versions of the phpBB software earlier than 2.0.11.

“Santy.a is something of a novelty,” Anti-virus firm Kaspersky said at the time. “It creates a specially formulated Google search request which results in a list of sites running vulnerable versions of phpBB.”

Once the virus has located its targets and successfully infected a site, it searches for and overwrites files with .asp, .htm, .jsp, .php, .phtm, and .shtm extensions. In their place, the worm places files which contain the text, “This site is defaced!!! NeverEverNoSanity WebWorm generation.”

Google began filtering search requests soon after the worm was discovered and began to return results only for sites no longer vulnerable to the worm, but new versions of the worm that use AOL and Yahoo search engines began popping up late last week and were announced by the Internet Storm Center on Christmas Day.

The variants, referred to as Santy.b and Santy.c, operate differently than the original worm, according to anti-virus experts.

“It tries to pull several scripts from an affected forum,” wrote the ISC in its daily diary. “The forum could have been compromised and used as a base to attack others.”

Among other features included in the newer versions of Santy are the attempted installation of a bot that would grant an attacker control over the computer and may possibly allow for targeted distributed denial-of-service attacks.

Another new worm, originally referred to as Santy.e, was reported by the Kaspersky, which exploits PHP scripts called “PHP Scripts Automated Arbitrary File Inclusion,” and could be potentially dangerous to any website, even with updated versions of PHP and phpBB.

After an analysis of the worm by Kaspersky, though, the worm was found to contain different mechanisms by which it operated and was renamed to Spyki.b.

The worm was also tagged as being created by Brazilian hacking group Atrix Team.

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Open Mind AI Seeks Inclusion in EU's AI Debate

New European industry initiative Open Mind AI has penned a letter asking EU authorities to include adult companies and creators in ongoing discussions on setting up a legal framework for AI content.

Canadian Law Professor: Proposed Age Verification Bill 'Will Make Things Worse'

Leading Canadian newspaper The Globe and Mail this week published an op-ed written by a legal scholar outlining fundamental issues with the Conservative-backed age verification bill currently making its way through Parliament.

UK Labour Government Confirms it Will Continue Baroness-Led 'Porn Review'

The U.K. Labour government of Prime Minister Keir Starmer has confirmed it will continue the controversial full review of British pornography laws ordered by former Tory Prime Minister Rishi Sunak in July 2023.

AEBN Publishes Popular Searches for July and August

AEBN has released the top search terms for the months of July and August from its straight and gay theaters in all 50 states and the District of Columbia.

SWR Data Survey Probes Concerns About Political Attacks on Industry

SWR Data, an adult-sector market research firm led by industry veterans Mike Stabile and MelRose Michaels, has released data from its upcoming 2024 State of the Creator report, illustrating creators’ concerns about political attacks on the industry.

FSC Urges SCOTUS to Strike Down 'Unconstitutional' Texas Age Verification Law

The Free Speech Coalition (FSC) urged the U.S. Supreme Court through a brief filed Monday to strike down Texas’ age verification law as unconstitutional.

Japanese Manga Industry Hit by Credit Card Companies' Anti-Porn Restrictions

Japanese manga retailers are reporting pressure from multinational credit card companies — many based in the U.S. and targeted by anti-porn religious conservatives — to censor their content if they wish to maintain their current payment processing arrangements.

Netherlands Government Continues Porn Probe Following Abuse Allegations

The Dutch government plans to continue investigating the local porn industry in the Netherlands, following a series of abuse allegations involving photographer and self-styled “model scout” Daniël van der W.

Clips4Sale Releases '20 Years of Fetish' Data Survey

Clips4Sale (C4S) has released a report based on 20 years of data and analysis to show how kink and fetish tastes have changed since the site began.

Grooby, Yanks Ink Website Management Deal

Grooby will begin managing Yanks.com under a new company, Blue.xxx.

Show More