Runforestrun update

Posted on June 26th, 2012 in 0day,exploit by dglosser

Old versions of Plesk store passwords in clear text
->   http://blog.unmaskparasites.com/2012/06/26/millions-of-website-passwords-stored-in-plain-text-in-plesk-panel/

There is  a remote  SQL vulnerability that has been found in old versions of Plesk allowing attackers to exploit those
-> http://kb.parallels.com/en/113321


Combine these two together and what do you get, malware of course.

Plesk Vulnerability Leading to Malware

Runforestrun and Pseudo Random Domains

Run, Forest! (Update) – block



We’ve added a bunch of these domains but you should check the resources above, as well as new IP addresses to block.


(Thanks to Jack W. for keeping us up-to-date on these developments.)



Comments are closed.