| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 123626 | 2012-03-07 20:29:00 | 30000 wordpress blogs infected | nedkelly (9059) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 1263690 | 2012-03-07 20:29:00 | pcworld.co.nz Hope no-one here got hit. |
nedkelly (9059) | ||
| 1263691 | 2012-03-07 20:40:00 | 30000 blogs? The world is now a better place. |
Metla (12) | ||
| 1263692 | 2012-03-07 20:42:00 | Seems to be Wordpress blogs that have not been updated/optimized for security. Because I mainly use Google's Blogger and hosted by them, it seems they protect Blogger (http://googleonlinesecurity.blogspot.co.nz/) adequately. | kahawai chaser (3545) | ||
| 1263693 | 2012-03-07 21:14:00 | Wordpress isn't specifically JUST for blogs. In fact a lot of sites use it like my fathers www.s-s-s.co which he uses as a sort of "store front". I got hit earlier in the year just after new years. What a ***** of an issue to clean up at the time, but I figure out it's not *too* difficult to fix up. It's just tough doing it on about 20 websites all at once. If you have a shared hosting account that does more than one domain, even if you clean up one, then the infected domain will reinfect the new and secure version of wordpress still. Nearly cried I tell you! Anyways most of the attacks happen when you visit the website through Google, specifically the 'malware' (Whatever you wanna call it) checks the HTTP Referrer. If you're coming from Google or Bing or the likes, then it'll redirect you to a rogue website. If you're typing in the URL directly then you'll still get your website (Quite sneaky / clever of them I thought). This website will help you to check and see if your own wordpress website is infected: sitecheck.sucuri.net From what I could tell the latest round is only for those who were running 3.3.0 (When the vulnerability was introduced). Earlier / newer versions are unaffected I think. Wrote a quick guide too on cleaning it up: www.c2s.co.nz Don't forget to check that sucuri site scanner afterwards, and for the next day or two on your own site to make sure you're not re-hacked (Like I found was happening on my shared hosting when I hadnt upgraded all the websites in one hit). |
Chilling_Silence (9) | ||
| 1263694 | 2012-03-07 23:07:00 | That link you posted to that scanner was helpful chill | nedkelly (9059) | ||
| 1263695 | 2012-03-07 23:40:00 | Mine's clean, (phew! and wipes brow) Thanks Chill I have now bookmarked Sucuri site. LL |
lakewoodlady (103) | ||
| 1 | |||||