Santy worm squished by Google

Santy worm squished by Google

Summary: Google has responded to calls from antivirus firms to stop the spread of an Internet worm that was using the search engine's technology to spread among online bulletin boards.Antivirus firms say the Santy worm, which searches Google for sites using a vulnerable version of the phpBB bulletin board software, was spreading quickly and had already infected around 40,000 Web sites by Tuesday evening.

SHARE:
TOPICS: Google, Browser, Software
1
Google has responded to calls from antivirus firms to stop the spread of an Internet worm that was using the search engine's technology to spread among online bulletin boards.

Antivirus firms say the Santy worm, which searches Google for sites using a vulnerable version of the phpBB bulletin board software, was spreading quickly and had already infected around 40,000 Web sites by Tuesday evening.

On Wednesday, a Google spokesperson told ZDNet Australia  that although Google users were not at risk from Santy, the search company had started blocking attempts by the worm to replicate.

"We are aware of an Internet worm that exploits a vulnerability in third-party Web servers that use PHP Bulletin Board software. While the worm does not put Google users at risk, we are working to help stop its propagation by blocking queries to Google that are generated by the worm," the spokesperson said.

Google was prompted into action after antivirus firms, such as F-Secure, said it would be "trivial" for Google to stop the spread of the worm because its methods of propagation were well known.

Mikko Hypponen, research director of antivirus firm F-Secure, said: "We've been trying to reach the right people at Google. They could stop this Santy outbreak right now simply by stopping responding to the queries the virus uses. This wouldn't hurt any end users and would in fact take load off from Google servers."

In August, a MyDoom variant used Google and other search engines to search for e-mail addresses. The virus pumped so many queries into Google that the search engine was unavailable or very slow for large periods of time. The same variant of MyDoom also succeeded in knocking a number of smaller search engines -- including Lycos and Altavista -- off the Web completely.

Robert Lemos contributed to this report

Topics: Google, Browser, Software

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • All companies who design software including anti- virus software companies are to blame for these destructive viruses, trojans, p****word hackers and worm that p**** through millions of servers each day,

    While they target profits from sales of there software not one of these companies have given thought to the end users who have to always upgrade or patching wearing out there hard drives and testing peoples patients and time.

    If any of these virus writing idiots are reading this then wake up to yourself it maybe fun to bring down a company server or to show a friend your programmming skills but think of the billions of users that are wasting there money just to breed your own greedy ways and that of companies,

    Why don't you put your skills to the real test and show these software designers how to fix there security holes and earn some respectas this is costing people jobs and causing famliy break ups as a results
    anonymous