by Jovie Cabais | Sep 25, 2011 | Tech Updates
Sophos, a computer security firm has discovered a virus that injects itself into WordPress installations. The virus, called “Mal/Badsrc-C” is found in the file index.html, and planted in such a way it that it would show itself only on Microsoft’s Internet Explorer browser. Paul Baccas, a representative from Sophos, said in a blog spot that the hack appears to be widespread and warned website owners to be vigilant. The computer security firm’s initial investigation showed that the malicious code managed to inject itself into the PHP code used on some websites running WordPress, and that the code will only be served if the user agent is Internet Explorer. This means that if you visit them when running Internet Explorer you could be exposing yourself to a malware attack. What is not clear however, is on how the virus manages to embed itself on the website although according to Sophos, it is probably via compromised ftp credentials. Baccas says, “If you run a site which uses WordPress you would be wise to ensure that your passwords are chosen carefully and that you are not using the same credentials on any other websites. If you think your password details have been compromised, then change them immediately.” Baccas adds that WordPress users should be checking their site’s codes on a regular basis to ensure that there have not been any unauthorized changes. Source: http://ph.news.yahoo.com/wordpress-malware-spreading-sophos-140642288.html Share...
