Another update needed to Drupal 8, 7 and 6

Money making by hacked Drupal site


Like already noted in the last post the previously found Drupal vulnerability is weaponized and the software has been executing automatic attacks now for a couple of weeks against all Drupal websites all around the internet.

Yesterday there was another release from Drupal security team. This means update your site AGAIN and IMMEDIATELY if you have not yet done it.

Because all these security fixes are linked we have probably very little time until the newly found security hole is again weaponized. That's is why the release window for the update was only a few days this time.

Usually when someone finds a "thing" from code which in this case is a security hole, others (security team and the bad guys) start looking the code more carefully and might find other interesting "things" (linked vulnerabilities). Because of the new trend there is money been made by using your server to mine cryptocurrencies so the bad guys are really motivated because there is money directly involved!

If you have not yet updated your site for DrupalGeddon2 it is propably too late. Your server is hacked and you should start planing restoring the site and checking your server for cryptomining software.


CEO, Full stack developer
Tipi Koivisto

Add new comment