IT Security: unpatched Joomla sites allow phishing scams to hide
The Anti Money Laundering Network has identified a security hole in installations of Joomla!, the popular CMS platform, that allows fraudsters to place files to act as landing pages for spam-scams including a phishing expedition targeting customers of a South African bank.
South Africa's First National Bank is a frequent subject of phishing attacks.
An example that arrived at the offices of The Anti Money Laundering Network, parent company of Vortex Centrum, publishers of ChiefOfficers.Net, exploits a security hole in unpatched versions of Joomla!, one of the most popular content management systems for small-to-medium websites, used by many companies, universities and other organisations.
The breach is exploited in the /modules/mod_breadcrumbs/tmpl/default/mammoth directory. Fraudsters are able to place a "landing page" in that directory, which receives visitors from a widespread spam-scam e-mail. "mammoth" is a popular "theme" for both Joomla! and WordPress. It is not known if the vulnerability is also present in the equivalent WordPress directory.
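For site administrators checking their own installation, the following is an added example (not code from the article or from the Joomla! project) that walks every module's tmpl directory and reports anything nested below it, such as the default/mammoth path named above. It assumes that a stock module keeps only flat template files directly in tmpl/; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

# Assumption: stock tmpl/ directories contain only flat files such as
# default.php and index.html, so anything nested deeper is unexpected.
PAGE_EXTENSIONS = {".php", ".html", ".htm", ".js"}


def find_nested_content(joomla_root):
    """List directories and page-like files nested below modules/*/tmpl/."""
    findings = []
    modules_dir = os.path.join(joomla_root, "modules")
    if not os.path.isdir(modules_dir):
        return findings
    for module in sorted(os.listdir(modules_dir)):
        tmpl = os.path.join(modules_dir, module, "tmpl")
        if not os.path.isdir(tmpl):
            continue
        for dirpath, _dirs, files in os.walk(tmpl):
            if dirpath == tmpl:
                continue  # flat files directly in tmpl/ are the normal layout
            rel = os.path.relpath(dirpath, joomla_root).replace(os.sep, "/")
            findings.append(rel + "/")
            for name in files:
                if os.path.splitext(name)[1].lower() in PAGE_EXTENSIONS:
                    findings.append(rel + "/" + name)
    return sorted(findings)


def build_sample_tree():
    """Create a constructed Joomla-like tree with one planted landing page."""
    root = tempfile.mkdtemp(prefix="joomla_sample_")
    layout = {
        "modules/mod_breadcrumbs/tmpl/default.php": "<?php // stock template",
        "modules/mod_breadcrumbs/tmpl/index.html": "<html></html>",
        "modules/mod_breadcrumbs/tmpl/default/mammoth/index.html": "<html>constructed sample</html>",
        "modules/mod_menu/tmpl/default.php": "<?php // stock template",
    }
    for rel, body in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
    return root


if __name__ == "__main__":
    for finding in find_nested_content(build_sample_tree()):
        print("UNEXPECTED:", finding)
```

Pass the web root of a real installation to find_nested_content in place of the sample tree; any result should be compared against a clean copy of the same Joomla! release before it is removed.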