Comments on: WordPress hacked by inii.info

By: Anonymous

Anonymous — Sat, 12 Feb 2011 14:47:00 +0000

Considering WordPress has released several security updates since… it’s probably just a sweeping under the rug…

By: James

James — Mon, 12 Apr 2010 15:12:44 +0000

So… What happened? Anyone?

By: Andy

Andy — Thu, 04 Mar 2010 01:05:42 +0000

I know it’s common practice to set the permissions of all the WordPress files so the web server can write to them (for when you do automatic upgrades), but that’s very dangerous, particularly if you’re installing free, third-party plugins from wordpress.org. I mean, yeah, those are great, but you have no idea what kind of backdoors certain bad-apple plugin authors may try to give themselves. But you really should not let your web server be able to write to application files anyway, unless you’re going to review every line of source code of every plugin you install. All the WordPress installations that I set up have file permissions locked down tight, and I never do the web-based auto-upgrade, only the manual one.

By: Scott DeSmet

Scott DeSmet — Wed, 03 Mar 2010 00:25:31 +0000

Hi Vinh, We are investigating the issue and unfortunately I do not have anything definitive to share right now. We take security related incidents very seriously and you can be assured we’ll be transparent about what we discover.

By: 0-day wordpress vulnerability results in many Media Temple malware infections - WordPress Tavern Forum

Tue, 02 Mar 2010 22:19:59 +0000

[...] via his github gist post, and he directed me to his blog post, which has some technical details: http://vinhboy.com/blog/2010/03/01/w…-by-inii-info/ We exchanged a few emails, and discovered that there were easily dozens of sites affected by this [...]

By: frank farmer

frank farmer — Tue, 02 Mar 2010 20:09:17 +0000

WordPress.org deleted my post on this subject. Here are some examples of the infection in the wild: