WordPress blogs hit with mass malware attack – mass SQL Injection?

[Source – http://www.downloadsquad.com/2010/04/12/wordpress-blogs-hit-with-mass-malware-attack/]

“Hundreds of WordPress blogs, particularly those hosted by Network Solutions, have been hit with an attack that cripples the blogs and redirects visitors to a URL that loads malware. The attack has been reported by both Sucuri Security Labs and Trend Micro. It works by replacing the contents of a WordPress blog’s “siteurl” field (under wp_options) with some HTML code. That field isn’t supposed to contain HTML, so it effectively breaks the blog.Security companies haven’t figured out how the blogs were exploited, although Sucuri says it was probably SQL injection or a database problem at Network Solutions. Network Solutions is investigating, and looking to blame a WordPress theme or plugin for the security hole, Trend Micro says. Trend Micro also has some info on the malware that the blogs are now redirecting to: it’s a known malware family called BUZUS, and antivirus software should be able to identify it.

If your blog was affected, change your siteurl bac k to its old value.You can find it under manage database, in the wp_option table. “

This kind of platform attack is the most galling,  because it’s something individual users of the software are powerless to protect themselves against. The onus is entirely on the hosting company, and it seems that in this case  Network Solutions have a lotta  ‘splaining to do.

Hinterlasse eine Antwort