Automated WordPress Hacking Tool Cached by Google

Posted by DK
March 27, 2008

Cyberinsecure recently posted details of an automated WordPress hacking tool that is doing the rounds. This malicious worm or program appears to create the directory, "wp-content/1/" as well as spam comments:

The blogs are most likely attacked by some kind of automated tool since the amounts of spam are too big to work manually on all those spam pages creation. It seems there are also spam comments in posts as well. Spam comments are pointing to internal infected blog pages in folder “1″ to get them spidered and to get people to visit them.

Smackdown also has a nice blog entry about this issue.

News, WordPress

Random Posts

If you enjoyed this post, please leave a comment or subscribe to the feed and get future articles delivered to your feed reader.

Comments
Pingback by Webrocker » Wordpress Hackereien Revisited on March 27, 2008 @ 8:20 am

[...] Blogsecurity nimmt sich dem Thema an und verweist auf einen Artikel bei smackdown. [...]

Pingback by » WordPress hackeado Chesco Romero: Actualidad informática, Comunicaciones y Redes on March 27, 2008 @ 6:09 pm

[...] a través de BlogSecurity.net que recientemente se han observado detalles de una herramienta automatizada que hackea los CMS de [...]

Pingback by Spam-Hack via wp-content/1/ » dyingeyes weblog on March 27, 2008 @ 9:55 pm

[...] eben, der das Weltbild dieser Arschlöcher im Großen und Ganzen ausmacht. Mehr dazu bei BlogSecurity, dort gibt’s weitere [...]

Comment by Burch on March 28, 2008 @ 1:28 pm

This happened to me…

Comment by Dr. Mike Wendell on April 9, 2008 @ 9:43 pm

Seeing tens of thousands of these in our spam logs. (We run a Spam Assassin install for all of our servers.) Thanks for letting us know.

Pingback by Links for 2008-03-28 - EDV | Ende der Vernunft on May 10, 2008 @ 8:03 pm

[...] Automated WordPress Hacking Tool Cached by Google – Du hast ein Unterverzeichnis namens wp-content/1 ? 0w3n3d! (Danke an Kiesow f

Leave a comment

(required)

(required)