Posted by Virus Bulletin on Mar 30, 2007
PHP flaws used to lend legitimate air to spam content.
Webmasters are being warned to ensure their sites are properly protected, after a wave of spams have been spotted using links pointing to hacked genuine sites, redirecting to their own nefarious pages, to lure recipients into trusting the content of the bulk messages.
Vulnerabilities in PHP are the main vector allowing access to the genuine sites, and most of the spam using the cracked sites is image-based spam pushing pharmaceuticals such as Viagra, according to research issued by Sophos.
Numerous flaws have been spotted in the PHP dynamic scripting system in the past, and anyone running a site using PHP is advised to follow security best practice and maintain a thorough patching process at all times. Details of the spam campaigns, including screen shots, can be found here.
Posted on 30 March 2007 by Virus Bulletin
