Joomla (and WordPress) Bulk Exploit ongoing

Posted on December 10th, 2012 in 0day by dglosser

Sans reports that there is an ongoing bulk Joomla and WordPress exploit, complete with iframes pointing to Fake AV.

If anyone has seen a published list of the FQDN’s involved in this, please let us know so we can add those domains here.

Update: The issues with the zone files seem to have been resolved and some of the domains used in this exploit have been added to the blocklist


Comments are closed.