December 20, 2008: Within 24 hours of its release, about 30,000 to 40,000 websites were attacked by Santy. The worm, which exploited vulnerability in phpBB software, holds a record of spreading worldwide within three hours of its release. It caused writable files (of formats such as .php and .html) on the infected servers to display the message “This site is defaced!!! This site is defaced!!! NeverEverNoSanity WebWorm generation X”, where X is a number representing the generation of the worm. There have been variants of the worm, some that use alternative search engines after Google blocked queries from the Santy worm, and an anti-Santy anti-worm that attempts to patch vulnerable installations.
12.20.18
