
Name Game, Premium, join:2002-07-07, North Myrtle Beach, SC, kudos:7
Passwords Reset at WordPress.org
Passwords Reset
Posted June 21, 2011 by Matt Mullenweg. Filed under Security.
Earlier today the WordPress team noticed suspicious commits to several popular plugins (AddThis, WPtouch, and W3 Total Cache) containing cleverly disguised backdoors. We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavory.
We're still investigating what happened, but as a prophylactic measure we've decided to force-reset all passwords on WordPress.org. To use the forums, trac, or commit to a plugin or theme, you'll need to reset your password to a new one. (Same for bbPress.org and BuddyPress.org.)
As a user, make sure to never use the same password for two different services, and we encourage you not to reset your password to be the same as your old one.
Second, if you use AddThis, WPtouch, or W3 Total Cache and there's a possibility you could have updated in the past day, make sure to visit your updates page and upgrade each to the latest version.
»wordpress.org/news/2011/06/passwords-reset/
-- Gladiator Security Forum »www.gladiator-antivirus.com/

IGGY, No Guru Just Here To Help, Premium, MVM, join:2001-03-30, Chatham, IL
False positive or related event? Both took place within the same time frame.
Worm.JS.FBook.a alert on WordPress.com hosted sites
»iggyz.com/?p=14956
-- My website Windows 7 Comcast Phone Power SeaMonkey browser

Name Game, Premium, join:2002-07-07, North Myrtle Beach, SC, kudos:7
WP-phpmyadmin WordPress plugin Delete it now
Posted on June 22, 2011 by dd
If you are using the WP-phpmyadmin WordPress plugin, delete it now. We are seeing multiple sites getting hacked through it and we are investigating what is going on. On all the sites we've analyzed, the following code was found inside the wp-phpmyadmin/phpmyadmin/upgrade.php file:
This is not part of the plugin, and should be removed immediately! The code snippet above is a backdoor and allows remote access to the affected sites with it installed.
» blog.sucuri.net/2011/06/wp-phpmy···now.html
-- Gladiator Security Forum »www.gladiator-antivirus.com/

Name Game, Premium, join:2002-07-07, North Myrtle Beach, SC, kudos:7
reply to Name Game
Update:
We also noticed that it was removed from the WordPress plugin repository (originally here: wordpress.org/extend/plugins/wp-phpmyadmin/ ) and is no longer maintained (last update in 2007). Since it is no longer being updated, you shouldn't be using it anymore.
EDIT: We had an opportunity to catch up with Andrew Nacin, a WordPress Core Member who stated:
The reason it had been pulled from the directory was that it had phpMyAdmin setup files in it, which can expose server information. So the plugin wasn't removed because of any security issue, but because of the recent weird activity and due to the fact that it is not maintained, we recommend deleting it as soon as possible.
If you're seeing anything out of the ordinary, please let us know. If we find anything else, we will update the post.
If you are not sure if your site got hacked, you can scan it here: »sitecheck.sucuri.net.
-- Gladiator Security Forum »www.gladiator-antivirus.com/