New Santy Variants Learn to Use Yahoo, AOL

CYBERSPACE — The Santy Internet worm, which was discovered last week and used the Google search engine to find vulnerable websites, has evolved to spread via other search engines following Google’s crackdown on the worm’s distribution mechanism.

Net-Worm.Perl.Santy.a, the original version of the worm, targeted phpBB online bulletin boards and searched Google for “viewfiles.php,” which allowed the worm to find versions of the phpBB software earlier than 2.0.11.

“Santy.a is something of a novelty,” Anti-virus firm Kaspersky said at the time. “It creates a specially formulated Google search request which results in a list of sites running vulnerable versions of phpBB.”

Once the virus has located its targets and successfully infected a site, it searches for and overwrites files with .asp, .htm, .jsp, .php, .phtm, and .shtm extensions. In their place, the worm places files which contain the text, “This site is defaced!!! NeverEverNoSanity WebWorm generation.”

Google began filtering search requests soon after the worm was discovered and began to return results only for sites no longer vulnerable to the worm, but new versions of the worm that use AOL and Yahoo search engines began popping up late last week and were announced by the Internet Storm Center on Christmas Day.

The variants, referred to as Santy.b and Santy.c, operate differently than the original worm, according to anti-virus experts.

“It tries to pull several scripts from an affected forum,” wrote the ISC in its daily diary. “The forum could have been compromised and used as a base to attack others.”

Among other features included in the newer versions of Santy are the attempted installation of a bot that would grant an attacker control over the computer and may possibly allow for targeted distributed denial-of-service attacks.

Another new worm, originally referred to as Santy.e, was reported by the Kaspersky, which exploits PHP scripts called “PHP Scripts Automated Arbitrary File Inclusion,” and could be potentially dangerous to any website, even with updated versions of PHP and phpBB.

After an analysis of the worm by Kaspersky, though, the worm was found to contain different mechanisms by which it operated and was renamed to Spyki.b.

The worm was also tagged as being created by Brazilian hacking group Atrix Team.

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

FSC Unpacks SCOTUS Age Verification Ruling in Webinar

The Free Speech Coalition conducted a public webinar Tuesday to help adult industry stakeholders understand the Supreme Court’s recent decision in FSC v. Paxton, and its potential implications.

UK Lawmaker Calls for Appointment of 'Porn Minister'

Baroness Gabrielle Bertin, the Conservative member of Parliament who recently convened a new anti-pornography task force, is calling for the appointment of a “minister for porn,” according to British news outlet The Guardian.

FSC Toasts Jeffrey Douglas for 30 Years of Service

n the very same evening when the adult industry was hit hard by the Supreme Court ruling supporting Texas’ controversial age verification law, HB 1181, members of the Free Speech Coalition board, staff and supporters gathered to celebrate Jeffrey Douglas’ 30 years as board chair — a fitting reflection of his reputation as an eternal optimist.

TTS Opens UK Testing Location

Talent Testing Service (TTS) has opened a new U.K. location in Ware, Hertfordshire.

FSC: Age-Verification Laws Go Into Effect South Dakota, Georgia, Wyoming on July 1

The Free Speech Coalition (FSC) has published a statement regarding new age verification laws set to go into effect tomorrow in South Dakota, Georgia, and Wyoming.

FSC Responds to Supreme Court Decision on Texas AV Law

The Free Speech Coalition (FSC) has released a statement responding to last week's Supreme Court decision on FSC v. Paxton, the Texas age verification law.

Sex Work CEO Debuts Upgraded 'GPTease' AI Assistant

Sex Work CEO has introduced the new Canvas in-chat editing feature to its AI-powered, NSFW text generator, GPTease.

UPDATED: Supreme Court Rules Against Adult Industry in Pivotal Texas AV Case

The U.S. Supreme Court on Friday issued its decision in Free Speech Coalition v. Paxton, striking a blow against the online adult industry by ruling in support of Texas’ controversial age verification law, HB 1181.

North Carolina Passes Extreme Bill Targeting Adult Sites

The North Carolina state legislature this week ratified a bill that would impose new regulations that industry observers have warned could push adult websites and platforms to ban most adult creators and content.

Supreme Court Ruling Due Friday in FSC v. Paxton AV Case

The U.S. Supreme Court will rule on Friday in Free Speech Coalition v. Paxton, the adult industry trade association's challenge to Texas’ controversial age verification law, HB 1181.

Show More