Holy Hackers! WordPress Users Be On The Lookout

Posted: May 12th, 2010

Image by Josh Self (Flickr)

Image by Josh Self (Flickr)

It seems that hackers have been on the offensive in past couple of weeks targeting self-hosted WordPress blogs. I mean we’re talking all out war here.

The scary part?

Rather than going for the WordPress installation on individual websites, these hackers target installations on hosting servers meaning the reach is widespread. Even worse… the big boys of the hosting providers have been affected: GoDaddy, Network Solutions, DreamHost and Media Temple.

If you do not use any of these companies to host your WordPress, you still aren’t out of the woods yet. Many reseller hostings use these companies as their primary hosting. Plus, with the frequent waves that these attacks keep coming, it’s only a matter of time before they reach other hosts.

In other words, be on the lookout if you have a self-hosted WordPress blog.

Even this instance, as I write, GoDaddy is dealing with another new server exploit wreaking even havoc on more WordPress blogs.

The Culprit

Blogs affected from a breached host server are infected with scripts that redirect visitors from your website to another website that infects the visitor’s computer with malware. I happened to have come across one of these infected websites by chance and you’ll notice that the browser window closes and a message pops up asking you if you want to download an anti-virus.

First of all, update your virus definitions since visiting an infected website will infect your computer with a harmful malware. Then if you notice that your own blog appears infected and redirects to a blank page or you receive a message to download anything, stop. Do not click Yes or OK.

If your blog is infected, don’t panic. The malware can be removed by following instructions on this page.

Be Alert

Unfortunately, there’s not much that can be done on your part to prevent these server attacks except hide in your basement with a shotgun. OK, a little too much but just be prepared. It helps, though, to keep up to date with the latest server exploits at WPSecurityLock.com so you know if trouble is in the neighborhood.

Now would be a great time for that backup , too, wouldn’t it?

More on the author, Johnny Spence
Johnny is the founder of The Freelance Rant and a freelance web programmer with 8 years in the business. Have a visit at his company Oscarrr!web or see what he's up to on Twitter.

8 Comments. Join In!