Several sites are reporting that a major attack on WordPress blogs started yesterday. The latest version of WordPress, 2.8.4, is not vulnerable to this particular worm, so upgrading now could save you a lot of headaches. The worm creates a new, hidden administrator account on your blog, allowing whoever’s behind this thing to access the guts of your blog, databases and all.

How do you know if your site has been affected? Lorelle on WordPress offers two possible ways to find out:

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize.

WordPress has acknowledged the attacks and encouraged users to upgrade their sites. WordPress.com users aren’t affected, as the whole system has already been updated to 2.8.4. If you’ve already been afflicted by the attack, start on the steps in WordPress' FAQ.
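
The two checks quoted above can be run over a web server access log and a user export. This is an added example, not code from the original post or from WordPress; the log lines, user list, allowlist and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample data for illustration; not taken from a real site.
SAMPLE_LOG = [
    '203.0.113.7 - - [05/Sep/2009:10:01:02 +0000] "GET /category/post-title/ HTTP/1.1" 200 5120',
    '203.0.113.9 - - [05/Sep/2009:10:01:09 +0000] "GET /category/post-title/'
    '%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/ HTTP/1.1" 200 5300',
    '203.0.113.9 - - [05/Sep/2009:10:02:00 +0000] "GET /2009/09/EVAL%28BASE64_DECODE%28x%29%29/ HTTP/1.1" 404 310',
    '198.51.100.4 - - [05/Sep/2009:10:03:00 +0000] "GET /tag/evaluation/ HTTP/1.1" 200 2048',
]
SAMPLE_USERS = [  # constructed export of (login, role) pairs
    {"login": "alice", "role": "administrator"},
    {"login": "bob", "role": "editor"},
    {"login": "tmpuser01", "role": "administrator"},
]
KNOWN_ADMINS = {"alice"}  # assumption: the accounts you created yourself

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
KEYWORDS = ("eval", "base64_decode")  # the two keywords named in the post

def decode_path(path, rounds=3):
    """Percent-decode repeatedly so double-encoded paths are still matched."""
    for _ in range(rounds):
        decoded = unquote(path)  # malformed escapes such as "%&" are left as-is
        if decoded == path:
            break
        path = decoded
    return path

def suspicious_requests(lines):
    """Return (client_ip, raw_path) for requests whose path holds both keywords."""
    hits = []
    for line in lines:
        match = REQUEST.search(line)
        if not match:
            continue
        path = decode_path(match.group(1)).lower()
        if all(keyword in path for keyword in KEYWORDS):
            hits.append((line.split()[0], match.group(1)))
    return hits

def unexpected_admins(users, known):
    """Return administrator logins that are not on the known list."""
    return [u["login"] for u in users
            if u["role"].lower() == "administrator" and u["login"] not in known]

if __name__ == "__main__":
    print(suspicious_requests(SAMPLE_LOG))
    print(unexpected_admins(SAMPLE_USERS, KNOWN_ADMINS))
```

Requiring both keywords keeps ordinary paths such as /tag/evaluation/ out of the results.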

[via Mashable]

Wordpress under attack, upgrade your blog now originally appeared on Download Squad on Sun, 06 Sep 2009 17:35:00 EST.
