Dublin: Users who run their sites and use Joomla CMS but haven't revised it in a short time must do so right away if they don't want to see their sites compromised and hosting malicious content, warns Versafe.
In a newly released report, the company's researchers have noted the existence and the present active use of an exploit that lets attackers to easily gain control of the targeted system.
By examining the logs from several of the compromised servers, the researchers found out that all attacks started off from the same source (IP addresses in China), that the same exploit was employed against all systems, and that takeover shell and malicious content upload was programmed and executed in a small timeframe, making them think that the attackers are using a new zero-day exploit.
As it turns out, they were right, and the susceptibility the exploit took advantage enabled them to upload a backdoor by simply adding a ‘.’ at the end of PHP filenames.
Luckily for Joomla users, the defect has been patched, and they can pull themselves out of danger by moving up to version 2.5.14 or 3.1.5.
“Owning a website comes with responsibilities and unless you’re prepared to do all the work yourself, I recommend that you choose a managed service provider,” Malwarebytes' Jerome Segura directs to those who want to keep safe but don't want to think about it.
“You spend a little more money, but at least the site and all its components (CMS, and Linux/Apache/MySQL/PHP) will be taken care of, leaving you with the sole job of adding content to the site (the fun part).”
Read more: Joomla Development Dublin