WordPress Blogs Fall Prey to Worm

A worm is circulating that can post malware and spam to some WordPress blogs using outdated versions of the blogging software, according to a post by Matt Mullenweg, founding developer of WordPress.

The worm can be tough to catch, as Mullenweg explains: “it registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts.”

From what I gather, the worm is especially a threat for self hosted wordpress sites. 

Also check out http://codex.wordpress.org/FAQ_My_site_was_hacked

Read the complete article here >>>

2 thoughts on “WordPress Blogs Fall Prey to Worm

  1. Pingback: Blogs en peligro a través de WordPress - ITespresso.es | Recursos para desarrollo y diseño web - AlmacenPlantillasWeb Blog

  2. Pingback: ROUND UP « John Dierckx

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s