News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

DevShed:
Hackers Compromise PHP Sites to Launch Attacks
December 18, 2012 @ 12:07:35

According to this new post on DevShed, there have been several targeted attacks against U.S. bank websites (DDoS), some of which involved the compromise of PHP-based applications.

Once the hackers got into the PHP-based websites, they inserted toolkits to turn them into launch pads for their distributed denial-of-service attacks. Hackers then launched the attacks on banks by connecting directly to the compromised PHP-based websites and sending them commands, or took advantage of intermediate servers, proxies or scripts to make the websites do their bidding. InformationWeek lists three attack tools used by the hackers: KamiKaze, AMOS, and the "itsokaynoproblembro" toolkit, also known as Brobot.

Several major banks have been targeted including Bank of America, JP Morgan/Chase, HSBC and Well Fargo. The main problem was out-of-date software running on the site containing known security issues the attackers could exploit to install their own software.

If a hacker can break into a PHP-based website to use it as a staging area for an attack on a different website, they can also use that website to store stolen information. InformationWeek cited the example of the Eurograbber attack campaign, revealed earlier this month. The gang involved in that campaign stole $47 million from more than 30,000 corporate and private banking customers - and used PHP-based websites into which they hacked to store stolen information.
0 comments voice your opinion now!
hacker bank website exploit attack timthumb joomla wordpress


blog comments powered by Disqus

Similar Posts

Gareth Heyes' Blog: Exploiting PHP SELF

Developer Tutorials Blog: Designing and Coding a Wordpress Theme From Scratch

ThinkPHP Blog: Multilingual Websites with PHP

Community News: Book Release: "Easy PHP Websites with the Zend Framework" (W. Jason Gilmore)

FinishJoomla.com: How Many Websites Are Using Joomla: A Closer Look


Community Events











Don't see your event here?
Let us know!


package symfony2 release language security component facebook example composer overview install introduction code opinion framework unittest hack podcast application hhvm

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework