Advertisement
Promo

Security threats Toolkit

Google stops spread of Santy worm

Munir Kotadia ZDNet Australia

Published: 22 Dec 2004 09:05 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Google has responded to calls from antivirus companies to stop the advance of an Internet worm that was using the search engine's technology to spread among online bulletin boards.

Antivirus companies say the Santy worm, which searches Google for sites that use a vulnerable version of the phpBB bulletin board software, is spreading quickly - it had already infected about 40,000 Web sites by Tuesday evening.

On Wednesday, a Google representative told ZDNet Australia that though Google users were not at risk from Santy, the search company had started blocking attempts by the worm to replicate.

"We are aware of an Internet worm that exploits a vulnerability in third-party Web servers that use PHP bulletin board software. While the worm does not put Google users at risk, we are working to help stop its propagation by blocking queries to Google that are generated by the worm," the representative said.

Google was prompted into action after antivirus companies, such as F-Secure, said it would be a "trivial" effort for Google to stop the spread of the worm because its methods of propagation were well-known.

"We've been trying to reach the right people at Google," said Mikko Hypponen, research director of antivirus company F-Secure. "They could stop this Santy outbreak right now simply by stopping responding to the queries the virus uses. This wouldn't hurt any end users and would in fact take a load off Google servers."

In August, a MyDoom variant used Google and other search engines to hunt for email addresses. The virus pumped so many queries into Google that the search engine was unavailable or very slow for large periods of time. The same variant of MyDoom also succeeded in knocking a number of smaller search engines -- including Lycos and AltaVista -- off the Web completely.

ZDNet Australia's Munir Kotadia reported from Sydney. For more coverage from ZDNet Australia, click here. CNET News.com's Robert Lemos contributed to this report.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
65 out of 132 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

1 comment

  1. this is cool man , keep on truckin Anonymous

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:




Related Jobs

Credit Risk - Decision Engines Analyst - West Midlands

SEO Search Engine Optimisation Specialist – Lancashire

SEO Campaign Manager

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters