Following a series of vulnerability disclosures throughout 2014, the popular content management framework Joomla has been actively targeted for exploitation by malicious actors. These exploitation campaigns usually pursue the compromise and entrenchment of large numbers of servers, or Software-as-a-Service (SaaS) providers, that can then be used to distribute malware and phishing campaigns or can be used to serve as zombies in distributed denial of service (DDoS) botnets. In 2014, PLXsert published a white paper on how vulnerable web frameworks are used for botnet building.
Para seguir leyendo el estudio ir al enlace de más abajo