Saturday, September 5, 2009

WordPress Under Fire

Just a friendly reminder to readers here who also run their own blogs. It seems that older versions of WordPress are under a particularly nasty "attack". If you are running a version of WordPress older than the current release (2.8.4 as of this writing), you need to upgrade now! From Lorelle on WordPress:
Otto42 of OttoDestruct, a key WordPress developer and supporter, reports that there is an “attack” on older versions of WordPress right now. The number of sites hit by this is growing every hour. Protect your WordPress blog now: UPDATE NOW!!! Update your WordPress blog before you continue reading this post. That’s how critical this issue is.

There are two clues that your WordPress site has been attacked.

There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”

The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account, but Journey Etc. has a possible solution.

This only affects self-hosted WordPress sites, not WordPress.com blogs. If you have already been hacked, they also have some suggestions for fixing it. Again, upgrade now.
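The two clues quoted above can be checked mechanically. The following script is an added example written for this post, not code from Lorelle, Otto42 or the WordPress project. It percent-decodes request paths (from an access log, or the permalink structure value itself) and flags the "eval" / "base64_decode" keywords, and it lists administrator accounts that are not in your expected set or that carry a duplicate "Administrator (N)" display name. The sample paths and user rows are constructed; in a real audit the user rows would come from wp_users joined with the wp_capabilities row of wp_usermeta.

```python
import re
from urllib.parse import unquote

# Constructed sample request paths (not taken from any real log). The first
# mimics the malformed "pretty permalink" pattern described in the post.
SAMPLE_PATHS = [
    "/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/",
    "/2009/09/wordpress-under-fire/",
    "/category/news/",
]

# Constructed sample of user rows. In a real audit, pull these with something like:
#   SELECT u.ID, u.user_login, u.display_name, m.meta_value
#   FROM wp_users u JOIN wp_usermeta m ON m.user_id = u.ID
#   WHERE m.meta_key = 'wp_capabilities';
# and read the role out of the serialized wp_capabilities array.
SAMPLE_USERS = [
    {"ID": 1, "user_login": "admin", "display_name": "admin", "role": "administrator"},
    {"ID": 2, "user_login": "editor", "display_name": "Editor", "role": "editor"},
    {"ID": 7, "user_login": "administrator", "display_name": "Administrator (2)", "role": "administrator"},
]

# Logins you expect to hold the administrator role on your own site (assumption).
KNOWN_ADMINS = {"admin"}

# The two keywords the post names as the tell-tale signs.
SUSPICIOUS = re.compile(r"\b(eval|base64_decode)\s*\(", re.IGNORECASE)
DUPLICATE_ADMIN = re.compile(r"^Administrator \(\d+\)$")


def decode_path(path: str) -> str:
    """Percent-decode until the string stops changing, so double-encoded
    payloads (%2541 -> %41 -> A) are unwrapped before matching."""
    prev, cur = None, path
    while cur != prev:
        prev, cur = cur, unquote(cur)
    return cur


def flag_paths(paths):
    """Return (original_path, sorted list of matched keywords) for every path
    whose decoded form contains eval( or base64_decode(."""
    hits = []
    for p in paths:
        keywords = sorted({k.lower() for k in SUSPICIOUS.findall(decode_path(p))})
        if keywords:
            hits.append((p, keywords))
    return hits


def unexpected_admins(users, known_admins):
    """Return logins of administrator accounts not in known_admins, plus any
    account whose display name looks like a duplicate 'Administrator (N)'."""
    out = []
    for u in users:
        if u["role"] == "administrator" and u["user_login"] not in known_admins:
            out.append(u["user_login"])
        elif DUPLICATE_ADMIN.match(u["display_name"]):
            out.append(u["user_login"])
    return out


if __name__ == "__main__":
    for path, keywords in flag_paths(SAMPLE_PATHS):
        print("suspicious path:", path, "->", ", ".join(keywords))
    for login in unexpected_admins(SAMPLE_USERS, KNOWN_ADMINS):
        print("unexpected administrator account:", login)
```

Run it against your own access log paths and a dump of your user table; any hit on either check is a reason to treat the site as compromised rather than merely out of date, and to follow the cleanup advice linked above after upgrading.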
