Hackers actively exploit critical vulnerability in sites running Joomla

Enlarge / An payload that's been modified so it can't be misused. Malicious hackers are using it to perform an object injection attack that leads to a full remote command execution. (credit: Sucuri)

Attackers are actively exploiting a critical remote command-execution vulnerability that has plagued the Joomla content management system for almost eight years, security researchers said.

A patch for the vulnerability, which affects versions 1.5 through 3.4.5, was released Monday morning. It was too late: the bug was already being exploited in the wild, researchers from security firm Sucuri warned in a blog post. The attacks started on Saturday from a handful of IP addresses and by Sunday included hundreds of exploit attempts to sites monitored by Sucuri.

"Today (Dec 14th), the wave of attacks is even bigger, with basically every site and honeypot we have being attacked," the blog post reported. "That means that probably every other Joomla site out there is being targeted as well."

Read 2 remaining paragraphs | Comments