Troj/PHPShll-B: Malware injects itself into WordPress installations

PJC · Sep 20, 2011

Troj/PHPShll-B: Malware injects itself into WordPress installations

Searching_ _ _ · Sep 20, 2011

So, what's happened is that somehow malicious code has managed to inject itself into the PHP code used on some websites running WordPress, meaning that if you visit them when running Internet Explorer you could be exposing yourself to a malware attack.

What isn't clear is exactly how the malicious code managed to embed itself on the website, although it was most probably via compromised FTP credentials.
Click to expand...

It requires Internet Explorer and a visit to an infected WordPress site. It looks like Firefox and Chrome users are safe.

I thought it was ironic that Sophos Naked Security Blog is using WordPress, but I'm sure no one has compromised their FTP credentials. Whew.

Log in or Sign up

Troj/PHPShll-B: Malware injects itself into WordPress installations

PJC Very Frequent Poster

Searching_ _ _ Registered Member

Log in or Sign up

Troj/PHPShll-B: Malware injects itself into WordPress installations

PJC Very Frequent Poster

Searching_ _ _ Registered Member

Useful Searches