Last month, we at our client side were busy fighting phishing attacks. In 30 days we had around 25 phishing attacks. These phishing sites were all hosted on compromised sites with Jhoomla applcation hosted on it. So we had 25 compromised Jhoomla sites. However we were not able to figure out the exploit being used but it surely would be RFI or Remote code execution attack vector being used. So beware you all Jhoomla application users, dont forget to keep monitoring your web-logs frequently. Also check the server files if any suspicious file is lying around. It may be php shell file. Also keep Jhoomla up-to-date.

Similar Posts you might be interested in:

• Conficker arrest!!!
• Understanding Microsoft Security Response Center Exploitability Index
• Microsoft released IE out-of-band patch