It’s been 4 years since I left the IT security profession to focus on research and training. However, I am glad to have this background because it helped me to appreciate the subtlety of this hack into the WordPress blogging software. It first came to my attention when I noticed a folder named “1” as in the number one, while uploading plugins to the wp-content folder on my web host. As the sophistication of web applications continue to increase, the propensity for trojans or malware increases. This also explains why ramonthomas.com may have dropped out of Google for a few months and the traffic on that blog took a huge dip.
Anyway I found this excellent blog article that explained the whole thing. It’s critical that all bloggers who use WordPress check if their host has been infected with this trojan and malware virus. And this experience once again reminds me of the importance of regular backups. The great thing with WordPress as with all content management systems, is that it separates content from the software back-end. This particular problem infected a series of blog postings with hidden javascript code.
On a side note I would like to recommend the following open source or free anti virus tools for your desktop:
Reminder: if your PC or laptop is already infected with a computer virus it’s wise to use the web-based Trend Micro Housecall to scan your system live from the Web. And where possible ensure that your anti virus software integrates with your email so that all incoming and outgoing emails are automatically scanned.
I have been blogging for since january 2009 and had to learn
a lot of things through trial and error. I am currently
reading to your training blog and finding it to be very informative.
For anyone that is thinking of starting a training blog I highly recommend this is a good one.
My wordpress site is having some problem with trojan, i don’t know how to clean my source code for uploading them to a new host, what should i do?