
WP 2.1.1 hacked, upgrade now!

Everyone should know about this exploit by now, but if you are running WordPress 2.1.1 from a copy downloaded just several days ago, your WP blog might have been compromised.

This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

You could also be running that cracked version. It’s strongly recommended that you upgrade to WordPress 2.1.2 now.

Please, help spread the word.

Abe Olandres

Abe is the founder and Editor-in-Chief of YugaTech with over 20 years of experience in the technology industry. He is one of the pioneers of blogging in the country and considered by many as the Father of Tech Blogging in the Philippines. He is also a technology consultant, a tech columnist with several national publications, resource speaker and mentor/advisor to several start-up companies.

8 Responses

  1. Maximus says:

    I would like to see a continuation of the topic

  2. Raymond Lee says:

    Well, I already upgraded my WP, but I still keep the compromised version to test the actual exploit. ^^

  3. Abe Olandres says:

    Chris, Google doesn’t give you the exact number of backlinks now. Try Yahoo Explorer instead: in Yahoo search, type “linkdomain:starmometer.com”.

    For duplicate content, you can always file a DMCA complaint on the scraper’s web host.

  4. Chris says:

    Thanks, kuya. Just one more question. Last year my Google backlinks were more than 100. But why are there only 20 now? Could Google have penalized me for duplicate content because there is a website that copies my posts? That would be fine, since it includes a link to where the content came from, but I’m worried that I may be getting penalized because of it.

  5. Abe Olandres says:

    @ Chris

    No, it’s not part of the exploit. That one is a scraper site. It gets your content from your RSS feed and auto-publishes it on its site.

    One of the software tools that can do that is a WP plugin called FeedWordpress.

  6. Chris says:

    I noticed there is a website (16q.com) that automatically copies my posts to their site. The second I publish my post, it is already posted on their website too. Is this the result of the said exploit? Isn’t duplicated content penalized by Google? I am really worried about this.
