WordPress Sites Hacked with Superpuperdomain dot com (Attacking Timthumb.php)
12 Aug 2011 DPC
This is what shows up at the bottom of the hacked sites:
How are the sites getting compromised?
On the sites we’ve analyzed, they were hacked through the timthumb.php vulnerability that was published a few days ago. The attackers are also creating a bunch of backdoors to maintain their access to the hacked sites.
If you are using the timthumb.php scripts, remove or update it now!.
Keeping yourself secure
This is not a vulnerability in WordPress, it is a vulnerability found in various WordPress themes that include TimThumb! You have to make sure that you are using an updated theme, and from a legitimate source. Otherwise your theme may contain this vulnerability, or others (even backdoors), that may not be given the proper attention by their theme authors.
If you’re not sure, you can do a free scan of your site using Sucuri SiteCheckIncoming search terms for the article: TimThumb virus, film annex redirect, film annex virus, a friend suggested this page on film annex
Popular Search Terms
Recent Search Terms
- biggest zit in the world popped
- free music OR free online music OR listen to free music OR listen to music OR on line music OR online music OR music radio OR play music online OR streaming music
- asda giveaway on facebook scam
- tescovouchers freegiveaway
- spam us airways
- @aol @comcast @hotmail @gmail @yahoo
- social media twitter
- this woman has a orgasm on a roller coaster! LOL
- soulja boy beats up girl