Thread: Comus Thumbs Backdoor/Trojan: Don't be reading this now, then post next week crying.
View Single Post
Old 10-04-2009, 01:14 PM  
beta-tester
Rock 'n Roll Baby!
 
Join Date: Sep 2004
Location: USA, temporarly
Posts: 22,562
Quote:
Originally Posted by Naughty-Pages View Post

"Somewhere" in Comus is a vulnerability which allows backdoor files to be created, then those backdoors create the trojans across the server.

If you have not been hit, it is simply because your script has not yet been targetted. It could be an hour from now, a week from now, a year from now, or never. Just because it is vulnerable, does not mean you WILL get infected.. it just means it's possible.. but if I were a betting man, I would say it will probably happen sooner or later to you.

Comus thumbs site has been messed up for some time, and then this issue occured.. with no mention from them about what's up, with the exception of boneless commenting in a few threads that they are trying to deal with it.
Hmm.. do you have mod_security installed on your apache? Also, do you know which comus files are directly hit with this infection? Meaning, which files you first noticed that had malicious code in?

I am not playing with this, but i want to make sure comus is really vulnerable.
__________________

Sig for sale. Affordable prices. Contact me and get a great deal ;)

My contact:
ICQ: 944-320-46
e-mail: manca {AT} HotFreeSex4All.com
beta-tester is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote