Information regarding a large-scale attack on WordPress, May 2010

Scan and Shield for your WordPress site.
 
On May 10, 2010, a large-scale attack was executed against WordPress sites with an apparent focus towards sites hosted on shared servers, and perhaps targeting one particular web host. 
 
According to several reports, "the hacked web pages appear to have been infected with scripts, which not only install malware on users' systems, but also prevent browsers like Firefox and Google Chrome, which use Google's Safe Browsing API, from issuing an alert when users try to access the page. When Google's search bot encounters such a specially crafted page, the page responds by simply returning harmless code. This camouflage strategy takes advantage of the browser switch normally used by developers to return browser specific code to suit functional variations in different browser, such as Internet Explorer and Firefox."
 
For additional information, take a look at the Sucuri Security blog, as well as their suggested clean-up if your site appears to be affected.
 
At the time of this article's writing we are not aware of any sites hosted at Newtek that have been affected.
 
*Note that PHP will need write permissions on the WordPress files in order to apply the fix.
 
If you have any questions, please feel free to contact technical support at support@newtektechnologyservices.com, or at 1-877-323-4678, option 4.

Add Feedback