Writes Lorelle on her WordPress-centric blog:
There are two clues that your WordPress site has been attacked:
First, there are strange additions to permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”
The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize.
To prevent this attack, if you have not done so already, update your WordPress install immediately to the latest version. Change all your passwords to a strong password (cough), including WordPress blog access for all users, database, FTP, control panels, etc. These are all highly recommended procedures.
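As an added detection example (not Lorelle's or this post's own code), the following Python script scans web-server access-log lines for the percent-encoded eval(base64_decode($_SERVER[HTTP_REFERER])) fragment that the tampered permalinks carry, decoding the request path first so that encoding variants are not missed. The log lines and client addresses are constructed for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (not taken from the original post). Two of
# them carry the eval(base64_decode($_SERVER[HTTP_REFERER])) fragment, percent-
# encoded the way it shows up in a tampered permalink; the others are benign.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2009:10:01:02 +0000] "GET /category/hello-world/ HTTP/1.1" 200 5120
203.0.113.7 - - [10/Mar/2009:10:01:09 +0000] "GET /category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/ HTTP/1.1" 200 5120
203.0.113.9 - - [10/Mar/2009:10:02:15 +0000] "GET /wp-admin/users.php HTTP/1.1" 200 8000
203.0.113.7 - - [10/Mar/2009:10:03:44 +0000] "GET /?p=12/%7B$%7B%65val(%62ase64_decode(%24_SERVER%5BHTTP_REFERER%5D))%7D%7D HTTP/1.1" 404 300
"""

# Patterns worth flagging. They are matched against the percent-DECODED path so
# that variants such as %65val (for "eval") do not slip past a literal grep.
SUSPICIOUS = re.compile(
    r"eval\s*\(\s*base64_decode|\$_SERVER\s*\[\s*['\"]?HTTP_REFERER",
    re.IGNORECASE,
)
# Pulls the request path out of a common/combined-format log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD)\s+(\S+)\s+HTTP/')


def decode_path(path: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded payloads are normalised too."""
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def find_tampered_requests(log_text: str) -> list:
    """Return one record per log line whose decoded request path matches SUSPICIOUS."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        m = REQUEST_RE.search(line)
        if not m:
            continue  # not a request line we know how to parse
        decoded = decode_path(m.group(1))
        match = SUSPICIOUS.search(decoded)
        if match:
            hits.append({"line": lineno, "client": line.split()[0],
                         "matched": match.group(0), "path": decoded})
    return hits


if __name__ == "__main__":
    for hit in find_tampered_requests(SAMPLE_LOG):
        print(f"line {hit['line']} from {hit['client']}: {hit['matched']!r} in {hit['path']}")
```

Run it against a real access log by reading the file into `find_tampered_requests`; a hit on a 404 is still worth reviewing, since it shows the request reached the server.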
Automattic, WordPress’ parent company, hasn’t commented on this issue, but we’ll keep everyone updated. In the meantime, we urge you to update your WordPress blog immediately.
We’ve reached out to Matt Mullenweg, founder of WordPress, and he clarified the following: Automattic is not the parent company of WordPress; it contributes to WordPress.org as many other companies do. Mullenweg has published a blog post describing the steps people should take to ensure their WordPress blog is safe.