Watch Out for Recent WordPress Gumblar PHP Exploit

May 12, 2009 · 121 comments

Kristi wrote a guest blog post at TechJaws about the attack last weekend on her well known Kikolani Blog by the PHP Script Injection Exploit in WordPress 2.7.1. Kristi explains how she restored her blog and dealt with the issue. The UnMask Parasites blog provides additional details on what is known about this particular malware which has been dubbed the Gumblar .cn Exploit.

Gumblar exploit does NOT affect only WordPress. It can target any site using .php including Drupal, PhotoPost and even the Bangalore Telecom Web site.

The resources below will assist you in assessing your risk, increasing security for your WordPress blog and removing this exploit if you are already affected.

WordPress Security Resources:

Should You Be Concerned About Your WordPress Security? (May 12, 2009)
Securing Your WordPress Blog (Jan 14, 2009)
In Depth Tutorial On How To Secure Your WordPress Blog Tip 1 (Apr 8, 2009)
18 WordPress Plugins Plus Tips to Secure Your Blog (Mar 13, 2009)
Dan Nedelko WordPress Security Plugins (Apr 23, 2009)
Maximum WordPress Security Plugin Announcement (Jan 3, 2009)
Sucuri: WordPress Hardening (How to obscure WordPress and Apache version details)
13 Vital Tips and Hacks to Protect Your WordPress Admin Area

Security Monitoring Tools for WordPress:

Fast, simple way to check public information for yours or any other Web site: Sucuri Web Information Gathering Tool
Search Engine Snark recommends these Tools for Monitoring WordPress Security

WordPress Security Audit Services:

Performancing Services offers WordPress Security Auditing

WordPress Security Plugins:

Maximum Security WordPress Security Plugin
WpBeginner post about WordPress File Monitor – download WordPress File Monitor from WP plugin Directory

Tagged as: wordpress security

Read the Best of GrowMap or Stay In The Loop!

Subscribe to the GrowMap feed via RSS or Email to receive notifications when new posts are published. Follow GrowMap on Twitter too!

{ 117 comments… read them below or add one }

← Previous Comments

Next Comments →

James who writes about Pool Vacuum Cleaners May 12, 2010 at 9:35 pm

I’ve been trying to find some sort of way to make wordpress more secure so that these PHP injections don’t happen so easily. Can anyone recommend some measures that I can take to protect my blog?
.-= James@Pool Vacuum Cleaners´s last blog ..Contact Us =-.

adam who writes about Make Money On Web April 16, 2010 at 11:45 am

One of my niche websites was hit by this and let me just say that it was not pretty. My advice: Backup often! This can really mess things up, and if you don’t have a recent backup of your database you are in trouble..

nurussadad April 14, 2010 at 11:30 am

Thanks for the post.. i must aware about this kind of hack today
.-= nurussadad´s last blog ..Door Duisternis tot Licht =-.

Jane Ardent who writes about Watch Spartacus Online April 9, 2010 at 2:44 am

I am so happy I found your blog!

Ryan Stickel April 9, 2010 at 2:43 am

I randomly found this through a search and Im so glad!
.-= Ryan Stickel´s last blog ..http://starz.com/features/spartacus/widget =-.

Dump Trucks April 6, 2010 at 4:33 am

See.. the hacking is rising with all its way and with very much innovative and new of its ideas.. One must have to be very cautious while running a blog and site as there is threat of hacking the data is there. Some preventive measures must have to be done in relevance with this.

Laptop Repairs London March 16, 2010 at 5:56 am

No big companies hire hackers. Thats a myth, if they did it would be a bit like running a car garage and employing car salesmen. Not the right tactic.

crocwireless who writes about cheap tmobile phones Twitter: muqtada123 March 4, 2010 at 8:49 am Twitter: @muqtada123

I m happy to hear about the new update from wordpress blog, now it is really hard to get your blog attacked by stupid spammers by installing some great wordpress created some strong anti-spam plug in which helps in saving your blogs from spammers. Thumbs up!!!

m65 Twitter: m65jacket March 1, 2010 at 9:52 am Twitter: @m65jacket

very nice article thanks for the share
.-= m65´s last blog ..Alpha M65 Field Jacket =-.

John G Twitter: SEOWorks February 25, 2010 at 6:50 pm Twitter: @SEOWorks

A few major companies actually hire these hackers, because they were so talented as to break into their system. Maybe that’s the answer, feed the poor and renegades of society, offer them work. Yes, let’s hack the hackers!

free computer tips February 22, 2010 at 6:39 pm

Currently I am using blogspot and I am planning to switch to wordpress because of its great feature. So I am collecting more information about wordpress. Anyway, Thanks.

growmap Twitter: GrowMap February 23, 2010 at 9:08 am Twitter: @GrowMap: Hello Computer Tips,

Be sure to read my post about setting up WordPress blogs for businesses. It contains much valuable information on Business Blogging.
.-= growmap´s last blog ..KeywordLuv: How Using It Benefits Us All =-.

Reply

Bearpaw Boots February 11, 2010 at 4:40 pm

Not sure what you mean by the PR

growmap Twitter: GrowMap February 23, 2010 at 9:07 am Twitter: @GrowMap: InStockPhones is referring to Google Page Rank. There are many explanations of what it is online including this one on What is Google PageRank.

There is much disinformation online about almost everything and especially about SEO so never believe everything you read.
.-= growmap´s last blog ..MEME: BizLuv in Support of Small Businesses =-.

Reply

instockphones who writes about best cricket phones Twitter: muqtada123 January 5, 2010 at 7:54 am Twitter: @muqtada123

I have noticed that in the recent google PR update, it does not update the PR for most blogs powered by WP and this could be the reason that why google did this.

growmap Twitter: GrowMap February 23, 2010 at 8:52 am Twitter: @GrowMap: Hello,

I don’t watch the PR updates very closely but I know that many blogs that are more tightly focused on SEO do. While I need to update it you may be able to find some of the best blogs that cover that subject on my personal GrowMap MyAlltop page.
.-= growmap´s last blog ..KeywordLuv: How Using It Benefits Us All =-.

Reply

Portland Photo Booth Rental December 31, 2009 at 3:09 pm

Subscribe to blogs about Wordpress plugins and security threats to keep your blog online and healthy!

Boardwalk who writes about Best Muscle Building Supplement December 26, 2009 at 5:30 pm

I had no idea there were so many threats to blogs out there. As a newbie, I guess I have been pretty naive. Thanks for providing me with the tools to protect myself.
.-= Boardwalk @ Best Muscle Building Supplement´s last blog ..Muscle Building Tips =-.

folders printing Twitter: muqtada123 December 21, 2009 at 9:23 am Twitter: @muqtada123

i think its already attacked in some blogs powered by WP, because i tried so many times to comment in that, i got no luck, what is the solution, anyone please

Sergey December 20, 2009 at 3:35 am

Yes attacks happen now on everywhere not only on such blogs and failures occur everywhere

Amanda December 10, 2009 at 4:12 pm

I just started using word press and had no idea about any of that stuff. Great article.
.-= Amanda´s last blog ..Bearpaw Women’s 419 Demi Boot =-.

Cleaning wool area rugs December 10, 2009 at 12:21 am

I am not sure if my previous comment got through. I was asking if there is any way to strengthen your security for the wordpress blogs.
.-= Cleaning wool area rugs´s last blog ..Types of wool area rugs and how to place them =-.

Cleaning wool area rugs December 10, 2009 at 12:19 am

I didn’t realise wordpress is so vulnerable. I now have some concerns over the wordpress blog that I am using now. Is there any other to make it more safe?
.-= Cleaning wool area rugs´s last blog ..Types of wool area rugs and how to place them =-.

← Previous Comments

Next Comments →