Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Clever PC Virus Attacking WordPress Blogs

WordPress, provider of blog publication application and content management system, is cautioning against a clever PC virus that is propagating among its users. This new PC virus exploits the software's previously known security flaw.

In its online warning, the company posted that the virus similar as many earlier worms was smart as it registered an end-user and exploited a security vulnerability so that malware could run via the permalink architecture. Further, the virus, posing as an admin, utilized JavaScript to remain invisible. While the user created his web-page, the virus tried to remove all of its traces, and subsequently became silent to escape detection. It injected malware and spam into the end-user's older posts, the company added.

One of the persons struck by the virus is blogger 'Robert Scoble,' who claimed that some weeks ago a few hackers had invaded his blog, as reported by Guardian on September 5, 2009. Initially, he imagined that the attackers had simply left certain pornographic websites in one or two blog entries. Consequently, WordPress upgraded its software thinking that the problem had been resolved. However, that was not the case, as the hackers came back, doing much greater damage by deleting of Scoble's blog entries made over two months, Scoble recounted.

Curiously, it was possible to identify the virus because of the defects associated with its design. These defects snapped web-links on the blogger's page, raising alarm that there was some problem. Naturally, the blogger tried to determine the cause and detect the extent of damage.

The security specialists said that the tactics used by the virus were novel but the strategy was the same. The malware messed up while trying to remove its traces, when it almost became noticeable. While older viruses used to childishly deface a blogger's page, the newer worms remain quiet and invisible, but become noticeable when they crumple as in the current case, or the blogger's page gets eliminated from Google because of malware/spam on it.

However, WordPress has released its new version 2.8.4 that is unaffected by the virus and also urged users to upgrade at the earliest.

Related article: Celebrity Image Used For Spamming Once Again

» SPAMfighter News - 9/24/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page