WordPress.org

Ready to get started?Download WordPress

Forums

Cracking WordPress (5 posts)

  1. Anonymous
    Unregistered
    Posted 10 years ago #

    I found a malicious iframe that installed the Download Trojan JS_JECT.A on IE users computers on my blog this morning. It was loaded in a hidden iframe. My area of the site is pretty much limited to a WordPress install, but there are other things in other areas where a person might manage to get in sideways.
    Anyway, I'm wondering if there are any known exploits in WP 1.2 and if anyone has advice for me to track this stuff down.
    Thanks.

  2. Mark (podz)
    Support Maven
    Posted 10 years ago #

    The obvious advice is to ban the use of the insecure IE, to ensure that all computers are scanned by malware and AV software and are updated from m$ as often as possible.
    I have not seen any exploits in WP since I started using it and inhabiting these forums in January.

  3. Anonymous
    Unregistered
    Posted 10 years ago #

    IE didn't install it, it just falls victim to it. Thanks for the info on the exploits.
    After looking around, it appears that no other area on my server has these iframes in the site. To search, I used the command:
    for i in ls -1;do echo $i; grep iframe $i; done
    And ran through each directory individually.

  4. Anonymous
    Unregistered
    Posted 10 years ago #

    Cancel that, I just found some in my moniwiki directory.

  5. davidchait
    Member
    Posted 10 years ago #

    Yeah, if you are running an unsecured wiki, you can really get nailed by this new crop of stuff...
    -d

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.