WordPress.org

Ready to get started?Download WordPress

Forums

[closed] Is your WP blog spreading a "drop-by" virus? (4 posts)

  1. colvin
    Member
    Posted 4 years ago #

    WP bloggers beware! There's a new malware that is attacking WP blogs and secretly infecting them with a java script trojan -- JS:Illredir-B [Trj] While it has other effects, the most malicious appears to be dumping the virus into any new posts one makes, spreading it to one's readership.

    Avast anti-virus is finally catching up with it and will alert bloggers of its presence when you attempt to post. But Avast doesn't fix the problem, which is in the WP code on your server.

    This trojan seems to be associated with siszyd32.exe, a virus first identified on 7 December. FreeFix [WinPatrol too] will tell you if it's on your computer --while Freefix claims to be able to delete it, I'm not sure of that. I finally had to reformat my hard disk. And I still haven't found a way to kill the script in the post.php functions of WP. Any ideas about that?

  2. colvin
    Member
    Posted 4 years ago #

    Re-alerting WP community about new vulnerability.

  3. MichaelH
    Member
    Posted 4 years ago #

    Already emailed to security@wordpress.org

  4. MichaelH
    Member
    Posted 4 years ago #

    Closing this--continue discussion at:
    http://wordpress.org/support/topic/349452?replies=4

Topic Closed

This topic has been closed to new replies.

About this Topic