Automated WordPress Hacking Tool Cached by Google
Filed Under (News, WordPress) by DK on 27 March 2008

Cyberinsecure recently posted details of an automated WordPress hacking tool that is doing the rounds. This malicious worm or program appears to create the directory, "wp-content/1/" as well as spam comments:

The blogs are most likely attacked by some kind of automated tool since the amounts of spam are too big to work manually on all those spam pages creation. It seems there are also spam comments in posts as well. Spam comments are pointing to internal infected blog pages in folder “1″ to get them spidered and to get people to visit them.

Smackdown also has a nice blog entry about this issue.

   
Enjoy the article? Please take a second to: Digg it! | StumbleUpon it!

Read and Contribute to BlogSec News!

Comments

Webrocker » Wordpress Hackereien Revisited on 27 March, 2008 at 8:20 am #

[…] Blogsecurity nimmt sich dem Thema an und verweist auf einen Artikel bei smackdown. […]


» WordPress hackeado Chesco Romero: Actualidad informática, Comunicaciones y Redes on 27 March, 2008 at 6:09 pm #

[…] a través de BlogSecurity.net que recientemente se han observado detalles de una herramienta automatizada que hackea los CMS de […]


Spam-Hack via wp-content/1/ » dyingeyes weblog on 27 March, 2008 at 9:55 pm #

[…] eben, der das Weltbild dieser Arschlöcher im Großen und Ganzen ausmacht. Mehr dazu bei BlogSecurity, dort gibt’s weitere […]


Burch on 28 March, 2008 at 1:28 pm #

This happened to me…


Dr. Mike Wendell on 9 April, 2008 at 9:43 pm #

Seeing tens of thousands of these in our spam logs. (We run a Spam Assassin install for all of our servers.) Thanks for letting us know.


Links for 2008-03-28 - EDV | Ende der Vernunft on 10 May, 2008 at 8:03 pm #

[…] Automated WordPress Hacking Tool Cached by Google - Du hast ein Unterverzeichnis namens wp-content/1 ? 0w3n3d! (Danke an Kiesow f


Comment
Name:
Email:
Website:
Message: