Comments on: Computer Worm Attacks Not Updated WordPress Blogs

By: Diamonds For Sale

Diamonds For Sale — Thu, 01 Sep 2011 05:09:03 +0000

Thank you so much for providing individuals with an exceptionally wonderful possiblity to read from this blog. It is usually so kind and also full of a good time for me personally and my office friends to visit the blog on the least three times every week to see the latest issues you have. And indeed, I’m certainly satisfied with all the remarkable things you serve. Certain 2 facts on this page are unequivocally the best we have all had.

By: energy healing los angeles

energy healing los angeles — Wed, 15 Jun 2011 19:38:37 +0000

I have seen many post like this in my life but this is the best among all of them.I want more post from here like it.Thanks a lot for sharing this post with us.

By: joon

joon — Sun, 02 Jan 2011 09:18:12 +0000

I recently came across your blog and have been reading along. I thought I would leave my first comment. Nice post!

By: customize computer

customize computer — Fri, 31 Dec 2010 15:04:56 +0000

thanks for yor information..
a computer worm is danger

By: Fit PC

Fit PC — Fri, 23 Jul 2010 23:32:00 +0000

This is why it’s so important to keep everything updated.Always check to see if there are problems to fix or unwanted intruders like worms.

By: eazyshare

eazyshare — Fri, 18 Sep 2009 19:20:05 +0000

thx posting

By: digitalmind computers

digitalmind computers — Mon, 14 Sep 2009 04:45:18 +0000

Worms are really not good to hear.I hope this problem will be fix and will not happen again.Security must be much higher for the blogs.

By: Lee

Lee — Fri, 11 Sep 2009 03:51:17 +0000

I always have problems with computer security. ArrgH! they’re always a pain…

By: Un nuevo gusano puede poner en peligro tu blog con WordPress | Moyeja.net - Escencia Relativa

Thu, 10 Sep 2009 05:11:31 +0000

[...] Vía | gHacks [...]

By: Fery

Fery — Wed, 09 Sep 2009 14:54:04 +0000

it happened to me. The intruder created new administrator inside my WP, but it could be deleted, should I update my WP?

By: Un nuevo gusano puede poner en peligro tu blog con WordPress

Un nuevo gusano puede poner en peligro tu blog con WordPress — Mon, 07 Sep 2009 18:18:16 +0000

[...] | gHacks 0 comentarios Escribe un comentario ↓ Guardado en: Webmasters, WordPress Etiquetas: [...]

By: Blogs – video blogs | Know Marketing Blog

Blogs – video blogs | Know Marketing Blog — Mon, 07 Sep 2009 17:31:33 +0000

[...] Computer Worm Attacks Not Updated WordPress Blogs6 Sep 2009 by Martin A computer worm is currently in the wild that is attacking unpatched WordPress blogs. Unpatched meaning blogs that have not been updated by their administrators. – [...]

By: Un gusano ataca blogs de Wordpress sin actualizar | Malavida Blog

Un gusano ataca blogs de Wordpress sin actualizar | Malavida Blog — Mon, 07 Sep 2009 06:37:23 +0000

[...] Fuente: Ghacks [...]

By: Daniel Sydnes

Daniel Sydnes — Mon, 07 Sep 2009 05:39:01 +0000

WordPress.com hosted blogs are NOT affected.

Automattic regularly updates their application. Since they control what plugins and themes can be used, their attack surface and regression testing is a constant, known quantity.

Automattic also uses intrusion protection systems and web application firewalls. This helps them recognize attacks in real-time and dynamically shield against them.

By: Mithun John Jacob

Mithun John Jacob — Mon, 07 Sep 2009 04:52:12 +0000

Does this worm affect sites hosted on wordpress.com ?

By: Computer Worm Attacks Not Updated Wordpress Blogs « New Emerging Technologies for Netbook Mobile Phones Laptops Gadget and Gizmos

Mon, 07 Sep 2009 04:03:28 +0000

[...] [...]

By: Wordpress non aggiornati a rischio - The New Blog Times

Wordpress non aggiornati a rischio - The New Blog Times — Mon, 07 Sep 2009 03:31:51 +0000

[...] spiega Ghacks.net. In particolare, osservare la presenza di scritte come “eval” e “base64_decode”, utilizzate per occultare allo sguardo il vero obbiettivo delle manipolazioni. [...]

By: Daniel Sydnes

Daniel Sydnes — Mon, 07 Sep 2009 00:53:51 +0000

@Rarst:

That shouldn’t have happened. Check your file permissions.

We use shared hosting delivered by Apache virtual hosts and mod_php. We follow the ‘File Permissions’ section in the ‘Hardening WordPress’ article in the WP Codex:

http://codex.wordpress.org/Hardening_WordPress

Since we backup both the filesystem and databases nightly, I was able to use ComponentSoftware’s CSDiff to recursively compare directories and MySQL dumps.

Our damage was limited to changes in the database:

– ‘users_can_register’ was enabled in wp_options.

– ‘permalink_structure’ was changed in wp_options.

– Additional ‘rewrite_rules’ was added in wp_options.

– New administrator-level user created, with DHTML code in its ‘first_name’ field to hide it in Users admin panel.

– WordPress Development RSS feed updated to remove security notice about 2.8.4 Security Release.

To detect which sites were hacked, I searched for ‘/wp-admin//options-permalink.php’ in our server logs. Since these are split up by virtual host, I used mlocate / slocate to find log file locations, then used xargs to feed them to zgrep for pattern matching:

locate access_log | xargs zgrep -l ‘wp-admin//options-permalink’

Thanks for the tips regarding PHPIDS, WPIDS, WordPress Firewall Plugin, and .htaccess rules! I tried AskApache Password Protect several months back but couldn’t get it working.

By: Rarst

Rarst — Sun, 06 Sep 2009 18:02:41 +0000

Tell me about it… My blog was recently hacked because some other blogger on server hadn’t upgraded in forever and hacker went through him to hacking rest of server. :)

@Daniel Sydnes

To be fair 2.8 was major release to break stuff. However 2.8.X releases were security updates with very low probability of interferring with plugins and themes.

Obviously I do not have insight into your business, but if you provide thorough and extensive maintenance (that is not part of the initial deal) – it makes sense to charge for that.

By: Computer Worm Attacks Not Updated Wordpress Blogs - Local Tech Experts

Computer Worm Attacks Not Updated Wordpress Blogs - Local Tech Experts — Sun, 06 Sep 2009 16:31:29 +0000

[...] post: Computer Worm Attacks Not Updated WordPress Blogs :browsing, companies, computer-work, entertainment, firefox, internet, linux, News, [...]