Categories:

Posted on May 14, 2010 by Jennifer Pointer

 

We usually do something fun here on Fridays, but today, we're going to talk about an ongoing problem in the blogosphere that does not seem to be going away.  Beginning about a week ago, there has been a rather bizarre, massive, ongoing hacker-attack affecting tens of thousands of blogs so far that use shared-hosting:

 

"GoDaddy, BlueHost, DreamHost, Media Temple, and Network Solutions are being affected by an ongoing PHP attack. PHP is a scripting language that adds functions to HTML sites. The attack is adding code to blog sites. Some sites are offering instructions for fixing the blog code. Before adding code to your site, contact your server..." (Blogosphere Buzz Examiner)

 

Unfortunately, the source and exact target of the attack are still largely unknown.  Wordpress, a very popular blogging platform has taken the brunt of the hit, but other platforms, such as Joomla and others.

 

The victims of this virus are ultimately the visitors to the blogs that have been attacked:

 

"The hacked web pages appear to have been infected with scripts, which not only install malware on users' systems, but also prevent browsers like Firefox and Google Chrome, which use Google's Safe Browsing API, from issuing an alert when users try to access the page. When Google's search bot encounters such a specially crafted page, the page responds by simply returning harmless code. This camouflage strategy takes advantage of the browser switch normally used by developers to return browser specific code to suit functional variations in different browser, such as Internet Explorer and Firefox..." (H Online)

 

One of my blogs was hit on the second day of the attack, and a friend sent me this simple cleanup solution for the latest Wordpress attack with information on how to fix the problem.  It's a good thing he had the information handy; he got hit a few days later, and realized that he could also "delete everything, restore from backup."  That worked.

 

Also see:

 

 


 

Jennifer PointerJennifer Pointer (e-mail) is a trainer and tech writer in Tulsa, OK. She promotes a simple, a low-tech approach to effective online profile management, search engine optimization and social networking. Her weakness is the mocha frappuccino.

Share and Enjoy :
FacebookTwitterLinkedIndel.icio.usDiggReddit

Want to work with us?
Get in touch

817.283.3324 Facebook LinkedIn Twitter