Support » Theme: Buzzo » Buzzo theme and nasty files appear at the same time on my server…

  • This morning I found that the Buzzo theme had appeared in my wordpress installation. I did not download it.

    Four other randomly named (and unfriendly) files were placed on the server in various directories (exploit not yet fully identified – see more below). This all happened at the same time.

    I note that the Buzzo wordpress theme page shows a big spike in downloads today.

    Is this theme malicious, or is someone attempting to give it a bit more news time by hacking people installations and installing it?

    My main pages had a search box injected into them at the top of the page – which is how I noticed the issue initially.

    I think the theme was installed via a file upload compromise, but I cannot confirm that. One of the randomly name files that appeared tested for file upload ability before a huge amount of eval and obfuscated code was injected somewhere… Alas I don’t have the files as they were promptly deleted by server admins. I was only able to view them momentarily before the server admins killed them.

    Keep your eyes open on this one… Hopefully this topic helps someone…

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.