WordPress Malware Alert: Malware spreading infects WordPress installations

Sep 20, 2011
montsch

Heads up, bloggers! There’s new malicious software, better known as “malware”, that is currently on the loose, injecting itself into WordPress installations.

The malware, which the computer security firm Sophos detects as “Mal/Badsrc-C”, is primarily found in the file ‘index.html’. It is said to have been planted in such a way that it only executes if it recognizes that the user visiting the webpage or blog is running Internet Explorer.

Paul O Baccas, Senior Threat Researcher at SophosLabs UK, says that “This hack appears to be widespread and website owners need to be vigilant.” An initial investigation of one website by Baccas showed a clean website, yet the automated systems inside SophosLabs were detecting the webpage as being infected with Mal/Badsrc-C. Baccas then emulated Internet Explorer through his browser’s ‘User-Agent’ setting, and that showed him the infection.

Paul further explains that “what’s happened is that somehow malicious code has managed to inject itself into the PHP code used on some websites running WordPress, meaning that if you visit them when running Internet Explorer you could be exposing yourself to a malware attack.”

Still, the big question of how such malicious code managed to embed itself on the website hasn’t been answered yet, which is kind of scary. So if you’re a WordPress blogger, I suggest that you be more careful.
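Site owners can repeat the User-Agent check described above on their own blog. The following is an added example, not code from Sophos or from the original post: it compares the script and iframe sources a page serves to an Internet Explorer User-Agent against those served to another browser. The User-Agent strings, function names and sample HTML are assumptions made for illustration.

```python
import urllib.request
from html.parser import HTMLParser

# Both User-Agent strings are illustrative assumptions, not values from the article.
IE_UA = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
OTHER_UA = "Mozilla/5.0 (X11; Linux x86_64; rv:6.0) Gecko/20100101 Firefox/6.0"

class SrcCollector(HTMLParser):
    """Collect (tag, src) pairs for every <script> and <iframe> that loads a URL."""
    def __init__(self):
        super().__init__()
        self.sources = set()

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "iframe"):
            src = dict(attrs).get("src")
            if src:
                self.sources.add((tag, src.strip()))

def loaded_sources(html):
    parser = SrcCollector()
    parser.feed(html)
    parser.close()
    return parser.sources

def ie_only_sources(html_ie, html_other):
    """Sources present in the response served to IE but absent from the other one."""
    return sorted(loaded_sources(html_ie) - loaded_sources(html_other))

def fetch(url, user_agent, timeout=10):
    """Fetch a page while presenting the given User-Agent header."""
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8", errors="replace")

def check_site(url):
    """Compare what your own site serves to an IE visitor and to a non-IE visitor."""
    return ie_only_sources(fetch(url, IE_UA), fetch(url, OTHER_UA))

# Constructed sample responses (not captured from a real site): the same page as
# served to a non-IE browser and to IE, where the IE copy carries an extra script.
SAMPLE_OTHER = """<html><head><script src="/wp-includes/js/jquery/jquery.js"></script>
</head><body><h1>My blog</h1></body></html>"""
SAMPLE_IE = """<html><head><script src="/wp-includes/js/jquery/jquery.js"></script>
<script src="http://injected.example/badsrc.js"></script>
</head><body><h1>My blog</h1></body></html>"""

if __name__ == "__main__":
    for tag, src in ie_only_sources(SAMPLE_IE, SAMPLE_OTHER):
        print(f"served only to Internet Explorer: <{tag} src={src}>")
```

An empty result from `check_site` does not prove a site is clean: it only compares script and iframe URLs, so injected inline code, or cloaking keyed on something other than the User-Agent, will not show up.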

Here are some tips that could possibly save you from such viruses and attacks:

- Update plugins that need an update – The newest WordPress version usually alerts you when the developer of an installed plugin has released an update to it.
- Learn to use different credentials on different websites – Since you are blogging and your identity can be indexed on the web, ensure that your passwords are chosen carefully (not dictionary words, and not easy to guess) and that you are not using the same credentials (passwords) on any other websites.
- Always update your WordPress to the latest version – Older WordPress versions will often have known weaknesses that can be exploited by hackers, so make sure that your WordPress install is always up to date.
- Hide the WordPress version on your blog – It is very easy for hackers to see or manipulate your WordPress files, especially for those who query search engines to compile lists of WordPress sites. To hide it, simply go into your footer.php file and header.php file, look for a link that says “Powered by WordPress”, and just delete it or replace it with a ‘#’ symbol.

Do you know other tips to share aside from those mentioned? Share them in the comments section below if you know one.

© 2011, montsch. All rights reserved.
