Joomla logo

Joomla has just released a patch for a zero-day vulnerability (CVE-2015-8562) that has been massively exploited during the weekend.

This remote code execution vulnerability is present in Joomla ever since version 1.5.0.

It is recommended to upgrade to 3.4.6 immediately if you are running a public server.

The sucuri blog has given  indicators of compromise:

Look for requests from 146.0.72.83 or 74.3.170.33 or 194.28.174.10

 

[..] recommend searching your logs for “JDatabaseDriverMysqli” or “O:” in the User Agent [..]

NO COMMENTS