14 DAY TRIAL // Security researchers from Verasafe have identified a zero-day attack in the wild that can take complete control of Joomla websites.
An update for the vulnerability leveraged in the attack was released in late July, so users are advised to update their installations as soon as possible to protect themselves.
In the first half of 2013, Verasafe noticed a spike in the number of legitimate Joomla websites involved in phishing and malware attacks. The company determined that the attacks relied on a vulnerability in the Joomla platform.
The attackers, apparently based in China, targeted websites from all over the world.
“Several of the compromised servers redirected users to a Blackhole landing page, thereby infecting them with a Zbot variant,” the company’s report reads.
If you haven’t already updated your installation, you can download Joomla from Softpedia.