WordPress blogs at risk from worm

Jennifer Guevin CNET News.com | September 8, 2009 5:41 AM PDT

Summary

A worm is circulating that can post malware and spam to some WordPress blogs using outdated versions of the blogging software, according to WordPress.

Topics

Blog, Worm, Cyberthreats, Blogging, Viruses And Worms, Security, Internet, WordPress, blogs, malware, spam, Jennifer Guevin CNET News.com

Vendor HotSpot

The 360° Conversation around Cloud Computing

TECH VISUALIZER brings the social conversation to life... powered by Brocade

Learn More »

A worm is circulating that can post malware and spam to some WordPress blogs using outdated versions of the blogging software, according to a post by Matt Mullenweg, founding developer of WordPress.

The worm can be tough to catch, as Mullenweg explains: "It registers a user, uses a security bug (fixed earlier in the year) to allow evaluated code to be executed through the permalink structure, makes itself an admin, then uses JavaScript to hide itself when you look at users page, attempts to clean up after itself, then goes quiet so you never notice while it inserts hidden spam and malware into your old posts."

The vulnerability allowing the attack was discovered on August 11, at which point WordPress encouraged users to upgrade to version 2.8.4. However, many people have yet to upgrade, and reports online indicate the worm is making progress by the hour.

The worm does not affect the current version 2.8.4 and the one prior to it, and it only affects people who host their own WordPress blog. Blogs hosted on WordPress.com are unaffected.

Users can find upgrade links and instructions on WordPress.org. WordPress has also posted an FAQ for people who think their blog has been hacked.

This article was originally posted on CNET News.

Comments

Add Your Opinion

Join the conversation!

Follow via:: RSS; Email Alert

Just In

Figures...

bandersnatch42vt 9th Oct 2009

I always thought it was a bit risky coming here. grin

View in thread

Please Select
Please Select

0 Votes

+ -

Upgrade speed

shacker23 8th Sep 2009

2.8.4 has been out for about a month. If you haven't upgraded by now, you're asking for it. My upgrade window for security updates is 24 hours. Easy for us geeks to say, but most end users don't know or care what version they're on - they leave this kind of thing to their admins (if they have them) or just shine it on.

As an admin, I check out all WP installations via subversion, and keep them all in an array in a shell script. I can upgrade 125 WP installations in 5 minutes flat (and only 15 seconds of that time is me with hands on keyboard). If you manage a lot of WP installs, I really recommend this approach. Here are the scripts I use to do this:

http://birdhouse.org/software/2008/04/wp-create/
http://birdhouse.org/software/2007/07/wp-mass-upgrade/

Reply
Flag

0 Votes

+ -

got headaches? =D

pgit 8th Sep 2009

Man, I hate it when an update comes along and breaks everything. I had a dokuwiki nightmare a while back, took me a week to find the workaround, which left a few folks needing to reestablish some of their content lost in the shuffle. (embedded imagery)

Joomla is another one that can be a bear to straighten out after and upgrade. Thank goodness older versions of apache can be safely run without needing to upgrade the whole thing...

Reply
Flag

0 Votes

+ -

Oh, yes... upgrading web apps...

MV_z 9th Sep 2009

Oh, yes... upgrading web apps is such a pain. Specially if you are supporting hundreds of sites. Some new webapps have some sort of automatic upgrade option, but most don't.

I wish I could install just one copy of any given application and then that become available for all sites in a server. The one-copy-per-site is a bit hard to maintain when the site owner is not his/her own admin.

Regards,

MV

0 Votes

+ -

RE: WordPress blogs at risk from worm

wcminor 8th Sep 2009

I avoid this by not using wordpress. I'm using blog-stalk.com instead.

Reply
Flag

0 Votes

+ -

thanks...

pgit 8th Sep 2009

Never heard of blog-stalk. Thanks for the tip, I'll dig around a bit and see if it can help me.

Reply
Flag

0 Votes

+ -

The danger of popularity

bobdavis321 8th Sep 2009

I recently switched to WordPress for designing web sites. It is by far easier than Joomla, etc. However it may become to popular of a web design platform and hence it becomes a target of hackers.