An untested version of Gumblar reigns chaos through PHP CMS-driven sites
Independent security researcher Denis Sinegubko has recently stumbled upon a new version of the Gumblar Web botnet that has quite a craving for PHP CMS-driven websites. Mr. Sinegubko has discovered that this latest version (“untested version” as he refers to it) has until now affected more than 300,000 PHP websites, from which about 65,000 running the WordPress blogging platform and 38,000 running the Joomla! CMS.
In his opinion, Gumblar's authors may have unintentionally leaked an untested version on the Web. This latest threat seems to like injecting complex structured PHP sites (regularly referred to as CMSs) like WordPress, Joomla, Drupal, phpBB, vBulletin, Zen Cart, Magento, etc.
See also: Gumblar Breaks WordPress blogs and other complex PHP sites