Site icon Panda Security Mediacenter

Cyber Criminals Exploit Drupal CMS to Distribute Malware

In a previous post, I stressed the importance of updating web applications frequently. Cyber criminals are always on the lookout for newly exploitable
distribution methods and will go to great lengths to take advantage of any
website. It may not be widely known, but web application vulnerabilities
pop-up just as frequently as Software or Operating System vulnerabilities
do.

If you are using dynamic web applications, such as Content Management Software, E-Commerce or blogging software, then it's especially important to make sure that those applications are always up-to-date with the latest security patches. If you don't, not only do you put your viewers at risk for possible SQL injection related infections, but you also open up to the possibility of a data breach, which can leak all kinds of sensitive data out to the hands of cyber criminals.

Today, I came across a State University website which was running a
vulnerable version of the popular Drupal CMS software. The site was
exploited by cyber criminals and over 3600 links were injected and indexed
by Google in less than 10 hours of exploitation.

Search Results:

Malicious Site:

If any of the links are accessed, the user is put through a series of
redirections to various Rogueware sites where the user is told
that their computer is infected and prompted to install a file called
onlinescan.exe, which we detect as Adware/PrivacyCenter

,a

Exit mobile version