DDoS Attackers Leveraging Joomla Vulnerability
You are here
DDoS Attackers Leveraging Joomla Vulnerability
By Tara Seals US/North America News Reporter, Infosecurity Magazine
Email Tara
Attackers using Joomla servers with a vulnerable Google Maps plugin installed are launching distributed denial of service (DDoS) attacks, using reflection techniques.
Reflection DDoS attacks each take advantage of an Internet protocol or application vulnerability that allows DDoS attackers to reflect malicious traffic off a third-party server or device, hiding their identities and amplifying the amount of attack traffic in the process.
In this case, the company was able to identify more than 150,000 potential Joomla reflectors on the Internet. Although many of the servers appear to have been patched, reconfigured, locked or have had the plugin uninstalled, others remain vulnerable to use in the DDoS attacks.
"Vulnerabilities in web applications hosted by software-as-a-service providers continue to provide ammunition for criminal entrepreneurs,” said Stuart Scholly, senior vice president and general manager for the Security Business Unit at Akamai, in the advisory. “Now they are preying on a vulnerable Joomla plugin for which they've invented a new DDoS attack and DDoS-for-hire tool.”
Follow Link below to read more