Originally posted by jerde
View Post
The exploit employed in the 123filestore attack took advantage of the register_globals feature set to “enabled” on the infected host, and manipulated various script files, in some cases vBulletin + vBSEO, in other cases vBulletin + other third party scripts (note that the attack was not exclusive to vB +vBSEO sites).
Once injected, the modified scripts took users coming from search engines and redirected them to the 23filestore site, in some cases all the traffic was redirected. Again, this attack was not aimed at a particular site (with say, a combination of scripts such as vB+vBSEO), but directed at vB powered forums in general.
Once injected, the modified scripts took users coming from search engines and redirected them to the 23filestore site, in some cases all the traffic was redirected. Again, this attack was not aimed at a particular site (with say, a combination of scripts such as vB+vBSEO), but directed at vB powered forums in general.
Leave a comment: