McAfee and Symantec have recently issued a warning about a new worm targeting PHP and CGI code hosted on critical locations on poorly defended web servers.
This worm, named Lupper, will install itself and operate autonomously, allowing hackers to gain access to the system. This access may enable hackers to link the compromised server with another infected machine to launch attacks on new targets. According to remediation advice, users should reinstall their entire operating system.
“The network of infected machines could be used to perform Distributed Denial of Service (DDoS) attacks or for other purposes as it can receive remote control commands,” McAfee stated. “It also has the capability to collect email addresses stored in files on the web server.”
Both security firms assert that regularly updated patches for their antivirus programs can protect against this worm. Infected systems can only be remedied by a complete reinstallation of the operating system.
Information about this worm can be found on the websites of McAfee and Symantec.
Thanh Truc