Kristi wrote a guest blog post at TechJaws about the attack last weekend on her well known Kikolani Blog by the PHP Script Injection Exploit in WordPress 2.7.1. Kristi explains how she restored her blog and dealt with the issue. The UnMask Parasites blog provides additional details on what is known about this particular malware which has been dubbed the Gumblar .cn Exploit.
Gumblar exploit does NOT affect only WordPress. It can target any site using .php including Drupal, PhotoPost and even the Bangalore Telecom Web site.
The resources below will assist you in assessing your risk, increasing security for your WordPress blog and removing this exploit if you are already affected.
WordPress Security Resources:
- Should You Be Concerned About Your WordPress Security? (May 12, 2009)
- Securing Your WordPress Blog (Jan 14, 2009)
- In Depth Tutorial On How To Secure Your WordPress Blog Tip 1 (Apr 8, 2009)
- 18 WordPress Plugins Plus Tips to Secure Your Blog (Mar 13, 2009)
- Dan Nedelko WordPress Security Plugins (Apr 23, 2009)
- Maximum WordPress Security Plugin Announcement (Jan 3, 2009)
- Sucuri: WordPress Hardening (How to obscure WordPress and Apache version details)
- 13 Vital Tips and Hacks to Protect Your WordPress Admin Area
Security Monitoring Tools for WordPress:
- Fast, simple way to check public information for yours or any other Web site: Sucuri Web Information Gathering Tool
- Search Engine Snark recommends these Tools for Monitoring WordPress Security
WordPress Security Audit Services:
WordPress Security Plugins:
- Maximum Security WordPress Security Plugin
- WpBeginner post about WordPress File Monitor – download WordPress File Monitor from WP plugin Directory
{ 117 comments… read them below or add one }
← Previous Comments
Thank you ver much for the warning
I love WordPress Blog! I am regular visitor of your blog.and getting quite informative posts.i have already learn more than enough from this blog.so thanks for sharing. Known the adjuration of mate ship can never be bound by bounded distance.
digit would love you to read ..Contact Us
Didn’t even know that this could happen.
Is this exploit fixed in the newer versions of wp?
And are there new exploits? (probably)
Danny would love you to read ..Remington RM1015P 10-Inch 8 Amp Electric Pole chain Saw
I only just recently heard of this gumblar nastiness, seemed to be a big deal about the time of this post though. Glad I wasn’t a fan of Kristi’s blog back then. To my knowledge I’ve never had anything like that, hopefully I never will.
Anthony would love you to read ..Acne Diets-Let’s Get Real
I’ve visited Kikolani blog, its brilliant and Kristi is doing great work. I found the post very interesting and I’ll certainly check the links. Also, I’m really glad that I came across this blog because everything about this blog is enriching and very helpful.
Twitter: stutterwear
June 14, 2011 at 2:26 am
Twitter: @stutterwear
fortunately our blog was sparred but a co league of mine was victimize..this happened a few years back still..changes were made and bloggers like Kristi helped a lot in solving the problem
Buffalo Tees would love you to read ..Buffalo Cool Place T-Shirt
Never even heard of this, thanks for the tip. Ill follow more posts so I don’t miss things like this.
Trailers and Reviews would love you to read ..Source Code Trailer
I glad Gumblar didn’t affect my blog. As a relatively new blogger, I’m not sure what I’m going to do if I’m affected by a virus. It’s great that people with more tech experience share!
Twitter: alinkbuilder
February 18, 2011 at 4:00 am
Twitter: @alinkbuilder
Well this is strange and I got to be conscious about this.
me too..when i read this it made me aware of that is happening is WP
← Previous Comments
{ 4 trackbacks }