[Ilugc] php malware from wordpress blog
bala150985 at gmail.com
Wed Apr 11 22:55:19 IST 2012
Can you upload all the files ? I don't see any one has captured it.
On Wed, Apr 11, 2012 at 10:06 PM, Raja Subramanian
<rajasuperman at gmail.com>wrote:
> I have had a recent malware injection on a WordPress website I host.
> The malware sample is here: http://pastebin.com/7X9imPGp
> Can anyone decipher what this script is doing and how much damage
> it has caused?
> This stuff appeared in several files in my WP installation, new files
> created inside wp-includes/css/<long-string>/, and in
> I've had 2 incidents during the first incident one directory contained a
> full mock up of Amazon Germany website with drive-by downloads
> and my web account was used to send phishing emails to this URL.
> This is the 2nd attempt and I have greatly limited the damage caused
> as I had tightened WP security.
> If anyone is interested I can upload the entire website with all the
> files for review.
> - Raja
> ILUGC Mailing List:
More information about the ilugc