Automatically pulled from Google Starred

Filed under: ,

Hundreds of WordPress blogs, particularly those hosted by Network Solutions, have been hit with an attack that cripples the blogs and redirects visitors to a URL that loads malware. The attack has been reported by both Sucuri Security Labs and Trend Micro. It works by replacing the contents of a WordPress blog’s “siteurl” field (under wp_options) with some HTML code. That field isn’t supposed to contain HTML, so it effectively breaks the blog.

Security companies haven’t figured out how the blogs were exploited, although Sucuri says it was probably SQL injection or a database problem at Network Solutions. Network Solutions is investigating, and looking to blame a WordPress theme or plugin for the security hole, Trend Micro says. Trend Micro also has some info on the malware that the blogs are now redirecting to: it’s a known malware family called BUZUS, and antivirus software should be able to identify it.

If your blog was affected, change your siteurl back to its old value. You can find it under manage database, in the wp_option table.

WordPress blogs hit with mass malware attack originally appeared on Download Squad on Mon, 12 Apr 2010 10:30:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Add to digg
Add to del.icio.us
Add to Google
Add to StumbleUpon
Add to Facebook
Add to Reddit
Add to Technorati




WordPressTrend MicroNetwork SolutionsBlogMalware

Go to Source