Malware Problem (FIXED?!)

Hey guys, just to inform you what’s been happening today – we had a security incident, where hacker/script preformed a PHP injection into our header file, injecting some spammy content. Fortunately, the malware has been removed now, and some additional security modifications have been installed. However, google and firefox automatically blocked our site for 24 hours, giving warning about the malicious code that was present few hours ago. I’ve submitted the re-inclusion proposal, so the blockage should be lifted in next few hours, when their bots check the site again and see it has been fixed. Just to clarify that our site is safe, and no malware is residential here.

But the problem that buggs me the most, is how the hell the code got auto-injected in the first place??!! If you are an expert in the field of security/wordpress/databases/php please send me an email vurdlak AT gmail.com if you have spare minutes to help. Will keep you updated…

12 Replies to “Malware Problem (FIXED?!)”

    1. I think I saw the elephant too. Is it the shadow on the left?

      [img]http://toeas.com/smiley/files/2011/07/happy-smiley-4.jpg[/img]

  1. Perhaps when somebody commented on a illusion they put in the code, and used javascript/HTML code to hide all code written inside the comment box? I have seen it done before. Anything where users can submit information (Like a comment box) poses a potential security threat.

Leave a Reply

Your email address will not be published. Required fields are marked *