Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
There is a two-year-old PHP attack that still works, researchers say. Hackers are still successfully employing this weakness to compromise PHP websites. They can inject malware and reroute data to command and control servers without a trace. For sites that have not upgraded, this means a huge risk of being infected. End users can protect themselves from infection with Internet security VPNs. But other sites can get infected through the compromised PHP sites.
Old PHP Weakness Still Causing Trouble
Websites that are running earlier versions of PHP are exposed to malware attacks. Specifically, versions older than 5.3.12 and 5.4.2 are at risk. Hackers use this weakness to inject malicious software into the website servers. They can do this remotely and have the servers send valuable data to their command and control servers. And they can do it without site owners noticing that anything is amiss. The hackers remove the malware from the servers once it has done its job. There is no trace of the malicious software, so the hackers can keep siphoning data from the websites without being detected.
About two years ago, this weakness called CVE-2012-1823 was reported. But some PHP site owners have not upgraded. Upgrading is an essential security move, researchers say. It removes the window of opportunity that is being exploited by hackers up until now. PHP websites that run Apache Web servers operate by default in common gateway interface mode. This is where the code-execution exploits are successfully executed. Hackers are using automated scripts that search for any websites with this weakness.
End User Protection from Internet Security VPNs
Even after two years, some PHP sites have still not applied the available security patches. These fixes would not only protect them, but also other websites and end users. When a site is compromised, it can pass the infection on to other websites and users that it connects with. Other websites have to execute their own applicable measures to stay safe from similar attacks. The security fixes depend on site type, so they will need to get support from their providers. End users can prevent their systems from being infected with updated antivirus software and firewalls, and Internet security VPNs.
Antivirus software and firewalls protect computers from unauthorized access. They can be set to block communications from unknown websites. Make sure you get decent tools, and don’t just rely on free versions. Antivirus programs are backed by a team of developers who search for and provide solutions to new virus, malware and other threats. The antivirus software needs to be updated as soon as there is a new threat detected and fixed. This service is only provided if you have a paid subscription. You therefore won’t get quality protection from free tools. Firewalls work in much the same way. If you don’t have the latest versions right away, you will be left open to attacks.
An Internet security VPN protects the user from connection hijacking and identity theft. Hackers on a controlled website have access to what users connected to the site are doing. The Internet security VPN encrypts all user data and traffic so the hacker can’t decode other user communications. The Internet security VPN also hides the user’s real identity by giving the user an anonymous IP address. The user’s real IP address gives away their location, name and other details. This can be used to launch attacks against the user. The Internet security VPN cannot stop the hackers from stealing information from the compromised website, however. So users need to be careful what sites they visit and what they do there. Any accounts on these sites, for example, and all the information entered there, will be accessible to hackers. Users need to also be careful about what links they click on because these could direct them to pages where malware is waiting to download into their systems. The antivirus will help here, but it is better to avoid it altogether. Users need to be aware of phishing scams as well. Hackers will try to infect users by posing as legitimate contacts to solicit information by email or phone.