DDoS-for-Hire Preys Upon SaaS Apps such as Joomla
Akamai’s Prolexic Security Engineering & Research Team (PLXsert) and PhishLabs’ Research Analysis and Intelligence Division (R.A.I.D.) have worked together on a threat advisory that warns enterprises and Software-as-a-Service (SaaS) providers about new distributed denial of service (DDoS) attacks that leverage Joomla servers with a vulnerable Google Maps plugin installed. The advisory is available for download from www.stateoftheinternet.com/joomla-reflection.
The known vulnerability in the Google Maps plugin for Joomla lets the plugin act as a proxy, which means an attacker can spoof the source of the request and send traffic somewhere else, namely to the denial of service target.
Although many of the affected servers appear to have been patched, reconfigured, or locked, or have had the plugin uninstalled, others remain vulnerable to use in this DDoS attack.