Santy Worm Infects Servers Running phpBB


Antivirus companies are warning internet users about a fast-spreading new worm that infects web servers running a popular package of online bulletin board software, and uses the Google search engine to find vulnerable servers to infect.

The worm, dubbed Santy.A, uses a vulnerability in a popular free software package called phpBB to spread across the internet, infecting computer servers that host online bulletin boards and defacing those sites with the words ‘This site is defaced!!! NeverEverNoSanity WebWorm.'”

What’s odd is this worm appears to have infected the server where I have hosted. Three times the index.php page was taken down and replaced with the defamed page. Finally, I changed permissions and the defamed page stopped appearing although something is still meddling with the pages and I’m having to re-upload the index page every day. I’m not sure if it’s something to do with the worm or something in the WordPress installation. I’ve contacted the ISP so we’ll see what happens after they run a virus scan on the server.