The new variant from wordpress.net.in & qwetro.com used the “anonymous PHP create_function” to append their spam links on their victim blog. Below is quick patch to disabled the mischievous “create_function” injection on wp_head.
Entries Tagged as ‘injection’
Jan 31st, 2008 +0000 UTC
Bluehost Hostmonster CEO Hacked Again
Mattheaton.com WordPress blog was first hijacked 2 months ago on 26 November 2007 . This is the third time it got hacked. It’s a big embarrassment for bluehost & hostmonster hosting to have their CEO’s blog being spamride every year . Matt’s is still using wordpress 2.3.1 ATM hopefully he could get his wordpress upgrade as soon as possible and fixed all his mess.
Dec 3rd, 2007 +0000 UTC
Matt Heaton (Bluehost and Hostmoster CEO) wordpress blog Hacked by Mick Jagger from Moscow
wordpress.net.in remote spam injection, Matt’s heaton unaware that he uploaded the backdoor himself. Check his wordpress footer.
Full cache on google will not show the spam link (cloaking) used text-only cache.
As of this time of writing he’s still using WordPress 2.0.
While you are on mattheaton.com footer check out the “Comment (RSS)” links. The “RSS” part [...]
