Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Wordpress Worm Is Worrisome

  • Please log in to reply
No replies to this topic

#1 Andrew


    Bleepin' Night Watchman

  • Moderator
  • 8,260 posts
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:08:44 PM

Posted 08 September 2009 - 03:00 AM

A new worm is circulating that inserts itself into older versions of the popular Wordpress blogging platform.

According to the official Wordpress Blog, the worm "registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts."

Luckily (or not) the worm contains an error in its "cleanup" section and actually breaks every single link in the affected blog. The latest version of Wordpress is immune to the attack and all users are strenuously urged to update.

Lorelle on Wordpress mentions steps users can take to see whether their blog has been hacked as well as links to help mitigate the effect if they have.

One notable victim so far is Robert Scoble, a noted tech blogger who lost two months' worth of blog entries.

Users who use Wordpress' hosted blog service are already protected by the latest version. Users who host their own blogs should update immediately.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users