There’s been a lot of talk lately about a large attack on WordPress users who have not upgraded to the latest version, 2.8.4 – I even received an email from Stii about this :)
Lorelle has pointed out two ways to test if you’ve been attacked:
There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode.”
The second clue is that a “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize.
So now’s a really good time to grab WordPress 2.8.4 and upgrade!





Hey Chris, this is hectic! My ISP just sent me a LOOONG email telling me to upgrade because of this situation..
Do you reckon it's advised!!!!
I try to keep all the sites I run with WordPress up to date, especially with all the security issues lately being discovered in WordPress. As soon as I see that New version available button, I hit it.
I am not sure what is going on with my site. It said there was a problem upgrading automatically, but my permalinks had changed to the number format and I was having a few problems with a few plugins. Busy sorting it out now, but I don’t think I’ve been hacked :)
Hi Chris do I need to upgrade my site?
Found this for people reluctant to upgrade:
http://brandfreeze.com/setting-up-a-simple-backup-process-for-wordpress
@pbdphoto …yes – we must upgrade your site. Shall be done asap.
@pbdphoto – Your blog has been updated, so you need not worry :)
I think these sorts of attacks take a long time to really start circulating – The last attack, which was really noticed was towards the end of last year and it didn’t have too much penetration or effect on the SA blogosphere..
Ok, not sure I can relate to what was mentioned. I guess everyone has their own opinion I guess.