
Monday, November 07, 2011

Thousands Of WordPress Blogs Hijacked!


(courtesy: EFY Times)



A recent report from anti-virus firm Avast says that cyber criminals have hijacked thousands of WordPress blogs to deploy malicious code. According to Avast, the attackers are exploiting a critical hole in the TimThumb WordPress add-on to deploy malicious code on a large scale. The anti-virus firm has said that it blocked more than 2,500 infected sites in September, and a similar number is anticipated for October as well.

Avast says that the attackers are installing the professional BlackHole exploit framework on the affected servers, which tries to infect visitors to the WordPress blog with malicious code. The framework tries out various vulnerabilities in the visitor's browser and installed plug-ins, according to a report by The H.

However, the anti-virus firm has not revealed what kind of hole in TimThumb is being exploited. Avast is believed to be referring to the same vulnerability that was exposed three months ago and was already being actively exploited at that time. Attackers have been successful in finding vulnerabilities in WordPress installations, but it seems many admins are not aware of the danger yet. The reason cited is that they may not even know that the vulnerable script is installed on their server.

The report says that the add-on could have got onto the server as part of an installable theme – some themes use TimThumb to resize images. Avast has advised the admins and owners of WordPress blogs to check whether their installed theme uses a vulnerable version of TimThumb. Users can find an incomplete list of affected themes on the sucuri.net blog.
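One way to carry out the check Avast advises, as an added example (not code from Avast, sucuri.net or the original post): it inventories PHP files under a WordPress tree that look like TimThumb, matching on content rather than file name, and lists the copies that need review. The `define('VERSION', ...)` pattern, the function names and the sample tree are assumptions made for this example, and because the article does not name the fixed version, `min_safe` is a value you supply from the TimThumb advisory.

```python
import re
import tempfile
from pathlib import Path

MARKER = re.compile(rb"timthumb", re.I)
# Assumption: a copy declares its version as define('VERSION', 'x.y').
VERSION = re.compile(rb"define\s*\(\s*['\"]VERSION['\"]\s*,\s*['\"]([0-9.]+)['\"]")

def parse_version(text):
    return tuple(int(part) for part in text.split(".") if part)

def find_timthumb(root):
    """Return sorted [(path, version or None)] for PHP files that look like TimThumb."""
    hits = []
    for path in Path(root).rglob("*.php"):
        try:
            head = path.read_bytes()[:65536]
        except OSError:
            continue  # unreadable file: skip rather than abort the scan
        if MARKER.search(head):
            m = VERSION.search(head)
            hits.append((path, m.group(1).decode() if m else None))
    return sorted(hits, key=lambda hit: str(hit[0]))

def needs_review(hits, min_safe):
    """Copies older than min_safe, plus copies with no readable version."""
    floor = parse_version(min_safe)
    return [(p, v) for p, v in hits if v is None or parse_version(v) < floor]

def build_sample_tree():
    """Constructed sample data: fake theme folders, not real TimThumb code."""
    root = Path(tempfile.mkdtemp())
    samples = {
        "themes/alpha/timthumb.php": "<?php /* TimThumb */ define ('VERSION', '0.9');",
        "themes/beta/thumb.php": "<?php /* TimThumb */ define('VERSION', '3.1.4');",
        "themes/gamma/functions.php": "<?php echo 'hello';",
        "themes/delta/lib/resize.php": "<?php // timthumb, version line removed",
    }
    for rel, body in samples.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)
    return root

if __name__ == "__main__":
    tree = build_sample_tree()
    # "1.0" is a placeholder threshold for the constructed data only.
    for path, version in needs_review(find_timthumb(tree), "1.0"):
        print(version or "unknown", path.relative_to(tree))
```

Copies reported with an unknown version are listed for review rather than assumed safe, since a theme author may have edited the script.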
