[wp-trac] [WordPress Trac] #12220: Godaddy trojan virus bibzopl.com/in.php is infecting Wordpress
WordPress Trac
wp-trac at lists.automattic.com
Sun Feb 14 03:24:07 UTC 2010
#12220: Godaddy trojan virus bibzopl.com/in.php is infecting Wordpress
-----------------------------+----------------------------------------------
Reporter: micasuh | Owner: ryan
Type: defect (bug) | Status: new
Priority: highest omg bbq | Milestone: Unassigned
Component: Security | Version: 2.9.1
Severity: critical | Keywords: virus, trojan,
-----------------------------+----------------------------------------------
Seems to be affecting only WP and phpBB so far.
http://www.whitefirdesign.com/resources/bibzoplcom-malware.html
http://wordpress.org/support/topic/362584
http://www.phpbb.com/community/viewtopic.php?f=46&t=1979715&start=0
http://bermudaisanotherworld.org/forum/index.php?action=printpage;topic=2388.0
From article: "I decrypted it and it turns out to be a redirect to a PHP
script file on an address that reverse DNS resolved to a Hong Kong IP
address. Turns out that if you let the script run it will install the
SMSS32.exe fake trojan on your machine."
Seems to be affecting both OS X and Windows but the trojan can only harm
Windows. Every instance of this virus I can find is limited to sites
hosted by GoDaddy.
If site has strong passwords, it's less likely to be infected apparently.
Is this beyond WP just issuing a patch for it?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12220>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list