Wordpress Websites threatened by new Worm
A malicous software Worm (virus) has been discovered this week circulating the Internet. This software virus is hacking into outdated versions of Wordrpess, which is the Internet’s most popular website content management system.
As this worm expands it reach accross the Internet it hacks into older, outdated versions of WordPress and infects blog posts and web pages with spam and malware that can be downloaded by unsuspecting website visitors.
According to WordPress.org, the software developer’s website, this worm does not affect the current version of the Wordpress website publishin software, which is 2.8.4. The company is strongly recommending that users running older versions upgrade immediately. WordPress.org points out that upgrading to the latest version of its software may entail some work, but not as much work as cleaning up a hacked blog post. Wordpress.org analogizes upgrading the software to “a person taking their vitamins”, whereas repairing a website hacked by this worm is compared to “open heart surgery”.
The worm finds a way to break through the Wordpress security and registers itself as an administrator user in older versions to execute malicious code through the permalink structure. The worm then uses JavaScript to hide itself when website readers visit a page. Meanwhile it has inserted spam and malware into older posts and pages that can be downloaded by unsuspecting visitors.
Once the worm has infected a page, according to WordPress.org, users may notice broken links and jibberish added to older pages and posts, which is sign that the worm has infected the website.
