Virus going around lately on WordPress sites..

Hello,

An associate of mine was telling me about a problem they are experiencing with their WordPress site lately. Apparently, they found about 30 other WordPress with this same issue.

It appears to be some sort of Worm, Virus, or piece of Spyware that specifically references something called an “HTML/Framer” virus.

They scanned their entire local computer system–it found 3 issues that they got rid of.

They thought it may be related to some of their “sharing” plugins, so they disabled them all, but it doesn’t really seem to have anything to do with it.

They did put up a new post in WordPress yesterday, but did nothing out of the ordinary. They put up a few pictures (did NOT hot-link to the images anywhere else, but rather, just uploaded saved images from their system onto their own space), and then had a link to a Wikipedia article. Nothing really out of the ordinary with that latest post.

They said that after that post, they got hit with about 80 spam comments, but they all got filtered out. They said that one comment got through, though, and is thought to maybe be the culprit of all of these problems. Because it seems like all of these problems started after that one comment got through. The thing is, it didn’t seem to really have any harmful elements, but seemed to be just plaintext.

Any ideas on what might be going on? Should they back up their entire WordPress? What’d be the easiest way to do that?

–etcbbu