Hackers have attacked hundreds of Drupal websites, installing ransomware that hijacks the website’s main page.
Softpedia reported that the attackers exploited a two-year-old vulnerability in Drupal for the SQL injection attacks.
Drupal website owners said their websites were locked, with the message:
“Website is locked. Please transfer 1.4 BitCoin to address 3M6SQh8Q6d2j1B4JRCe2ESRLHT4vTDbSM9 to unlock content.”
“The attacker’s scanning bot extracts the Drupal site’s version, then uses the CVE-2014-3704 vulnerability to break into the affected websites and change the admin user’s password,” reported Softpedia. For the full article click here
from hacker samurai http://ift.tt/27QDVXF
via IFTTT
No comments:
Post a Comment