Tumblr 101: Tips And Tricks To Get Started
WATCH: Shredding On The Google Guitar!
WordPress blogs hit with mass malware attack
Hundreds of WordPress blogs, particularly those hosted by Network Solutions, have been hit with an attack that cripples the blogs and redirects visitors to a URL that loads malware. The attack has been reported by both Sucuri Security Labs and Trend Micro. It works by replacing the contents of a WordPress blog's "siteurl" field (under wp_options) with some HTML code. That field isn't supposed to contain HTML, so it effectively breaks the blog.Security companies haven't figured out how the blogs were exploited, although Sucuri says it was probably SQL injection or a database problem at Network Solutions. Network Solutions is investigating, and looking to blame a WordPress theme or plugin for the security hole, Trend Micro says. Trend Micro also has some info on the malware that the blogs are now redirecting to: it's a known malware family called BUZUS, and antivirus software should be able to identify it.
If your blog was affected, change your siteurl back to its old value. You can find it under manage database, in the wp_option table.
Comments
3
Subscribe to commentskingkool68Apr 12th 2010 11:03AM
I recently discovered my WordPress blog had some nasty code in it that was used for SEO spamming purposes. The best thing to do requires shell access but this command will search through all of your PHP files looking for the eval() statement.
find * -name '*.php' | xargs grep 'eval('
While eval() isn't a tell-tall sign you've been hacked, if you see it with a bunch of confusing random characters, it's a good point to take a look at it.
megachuckleheadApr 12th 2010 11:45PM
Was the blogs from The Cheezburger Network affected?
"I can haz teh answer rite now??"
EllieApr 26th 2010 2:44PM
That seems to be a very dangerous threat, especially with the amount of bloggers now at risk from these. Be careful everyone, I would recommend to fellow bloggers like myself to use Malwarebytes Anti-Malware. It is a free software application that allows you to clean your PC and prevent it from malware. There is also a paid version with more advanced features if you like this software, it protects your computer nonstop from the moment it is turned on. You will find coupon codes shared by others here: http://news.dtcdeals.com/malwarebytes-coupon-code
This will hopefully keep your computer safe at all times