24 October, 2012, 06:55 AM
WP akismet user : watch out, big secrurity breach ....
from my webhosting and antifraude.net reply :
and i make some simple search on google, the problem exit since jun but akismet don't take it serious, now it hit me ....... lucky found out fast enough ...
We run some checking and would like to update you on the reason of the injected script.
18.104.22.168 - - [21/Oct/2012:00:53:06 +0800] "GET //wp-content/themes/Webly/cache/s.php?x=img&img=ext_css HTTP/1.1" 200 570 "http://propertyagent.my//wp-content/...kismet&sort=0a" "Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1"
As you can see, akismet plugins were injected and make changes through the page:
s.php is the backdoor script that used by the attacker to upload the malicious script.
Its recommended to change your used theme on your page, as obviously there is vulnerables on the theme 'Webly' you using.
Tags for this Thread