Current category:Malware

Fresh Malicious Program Auto-Inserting Inside WordPress Software

Wordpress MalwareFresh malware unleashed by nasty online crooks  is attempting at injecting itself inside WordPress software. Users of WordPress must be vigilant as one fresh malicious program is currently acting to self-insert inside WordPress software.Called Mal/Badsrc-C, the malicious program, a virus exists inside the index.html file and due to its manner of installation it’s visible solely within the Internet Explorer (IE) Web-browser of Microsoft.

Senior Threat Researcher Paul Baccas of SophosLabs UK stated that the malware attack seemed to be proliferating widely so website owners required being watchful. Gmanews.tv published this on September 20, 2011.Furthermore, according to Baccas, examining the PC-virus revealed that the malevolent item would solely get planted when the IE was open. He stated that a preliminary investigation disclosed that the malware somehow succeeded in getting itself to place inside the Hypertext Preprocessor (PHP) script utilized on certain Internet sites having active WordPress.

That, according to Baccas, implied that anyone accessing those sites in IE could put himself at risk of malware assault.

Nevertheless, Baccas said in addition that the thing that remained unclear was in what way precisely the malware succeeded in getting itself satisfactorily implanted onto the Internet sites albeit the researcher conjectures that the implantation in greater likelihood was through hijacked File Transfer Protocol (FTP) credentials. Nakedsecurity.sophos.com.

Warning after the latest development, Baccas elaborates that in case anyone has a website open that utilizes WordPress, it’d be prudent for him to select and use passwords cautiously such as they shouldn’t be dictionary words or easily deducible, and not used on multiple sites. Also, in case anyone doubts his password has been stolen, alternatively he utilized it on some other place online then he should instantly change it.

Besides, an end-user must routinely conduct an inspection of his website’s code for making sure that no unauthorized alterations have taken place.

Lastly, it’s forever important to have one’s website software wholly patched and up-to-date.

Eventually, cyber-criminals attacking WordPress for spreading malicious software aren’t unknown. During August 2011, Websense another security company explained a malware assault, which proliferated via a contaminated module located within several WordPress topics called TimThumb.php.

Have you ever been attacked by malware on your WordPress Site?

GD Star Rating
loading...

About Patrick T. Rasmussen

doing Online Marketing for SPAMfighter. Follow me on Google+ (+Patrick Teglstrup Rasmussen), Twitter (Patrick Teglstrup Rasmussen on Twitter)
This entry was posted in Malware and tagged , , , , , , , . Bookmark the permalink.

19 Comments

  1. Troels says:

    I am running a number of WordPress sites.

    Several of these became the target of a hacker who posted political statements on the frontpage. Although I guess this does not fall into the category of malware, I guess the cure to avoid future problems is more the same.

    Namely increased attention towards security risks.

    In my case I decided to install the below WP plugin

    http://wordpress.org/extend/plugins/better-wp-security/

    This plugin helps fix most of the basic security issues that a standard WP installation has.

    So far this has saved me from further trouble.

  2. allison says:

    I think the generic security advise to select and use passwords cautiously such as they shouldn’t be dictionary words is good advise not just for wordpress blogs but for the internet in general.

  3. Dave says:

    Somebody hacked all of my WordPress sites. Ugghhh

  4. Steve says:

    My wordpress site was hit with something similar a year or so ago, the Godaddy techs said there was no way but I’m certain it got my installation via the virtual hosting… some type of worm

  5. Nick says:

    I recently bought a domain, and it was hosted on an IP address that had been attacked, so my website appeared to be malicious, even though it was someone else on the IP! It was very frustrating, and still hasn’t been resolved.

  6. Neti says:

    We had an ‘insider’ attack once where one of our WordPress users uploaded some malicious code by accident. After that we locked everthing down very tightly and still run daily scans.

    There are several free antivirus plugins for WordPress which work well and stop the entry-level attacks.

  7. Bonjour Tristesse says:

    Yet another thing to watch out for, and also a good reason not to use IE.

  8. dom says:

    Thanks for making me aware of this threat. I have created two websites and i will take whatever measures i can to avoid being hacked into. This post is very timely.

  9. John Galt says:

    Yeah this sucks big time ! I have heard that Joomla and Drupal are becoming better choices as they are much more secure.

  10. Stacked Nne says:

    yeah I have seen this attack a few sites and there are some fixes going on. WordPress is a great blog platform but I wouldn’t run any high level on it.

  11. Ralph Brown says:

    I had a Drupal account hacked more than once so it’s not just WordPress but thanks for the reminder to lock everything down.

  12. Auto says:

    I recently bought a domain, and it was hosted on an IP address that had been attacked, so my website appeared to be malicious, even though it was someone else on the IP! It was very frustrating, and still hasn’t been resolved.

  13. Cher says:

    I think the generic security advise to select and use passwords cautiously such as they shouldn’t be dictionary words is good advise not just for wordpress blogs but for the internet in general.

  14. Food says:

    Never had any problem with word press however I know people who had some…
    really useful post.
    Any suggestions on how to avoid or block this malware?

  15. PSD to HTML says:

    A few weeks ago my wordpress website was hacked also. When you entered the url in the browser nothing seemed wrong because the website showed up as supposed to. But when you searched my website through google and clicked on it, you were linked to another website. I changed all my login / php information and the hack was gone. Those hackers really make me feel sick!

  16. Simon says:

    I found a Mal/Badsrc-M inside the index.php of my WordPress site. Al though it seemed quite straightforward to remove ( copy the original text back into the page and upload using FTP) it worries me very much about just how it got there to start with as I run about 20 WordPress sites for various clients.

  17. Patrick says:

    Nasty online crooks continue to tarnish business online! And they are presently picking wordpress, and this becomes dangerous when you know the important number of wordpress sites we are running every day. We have to be careful in order to prevent troubles. How to stop this malware ? I realized that wordpresse is still hunted,because I know people who badly experienced it. We need a basic solution to solve this. if there is one proposal that help prevent this malware, we really appreciate.

  18. Rabi says:

    Hi Patrick,

    My website has been blocked by google due to reports of malicious program.
    I do not know how I got it or maybe someone hack it then placed malware.
    Is there a way to remove?

    Hope you can help. Thank you

  19. Patrick T. Rasmussen says:

    Hi Rabi, Thanks for your comment. I’ll recommend you to create a topic at Google Webmaster Help Forum , I’m sure that the guys can answer your question.

    http://productforums.google.com/forum/#!forum/webmasters

    7patricK

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>