[wp-hackers] Evaluating impact from yesterday's Trojan'd plugins?

Doug Stewart zamoose at gmail.com
Wed Jun 22 12:59:11 UTC 2011


Howdy all,
I was one of the users that blindly updated one of the affected
plugins (WPtouch). I quickly updated to the recommended clean version
as soon as I heard about the exploit, but the descriptions of the
attack thus far have been free of details. I'd like to know more about
what, if any, of my site's data was compromised and how best to keep
watch over my sites in case any follow-on exploits are attempted.

Was it simply insertion of spam links in body content, or did it call
home? Did it send in-flight passwords, or DB contents, or file
locations, or did it traverse my filesystem to check for other
potentially-vulnerable software?

-- 
-Doug
@zamoose
http://literalbarrage.org/blog/


More information about the wp-hackers mailing list