It has raised a new alarm that affects many thousands of people around the world with a blog runs on WordPress (the latest version, 2.9.2 is vulnerable too) and several blogs have been attacked and are now infected distributing malware without the operators of these sites have been noticed. The worst thing is that it affects self-hosted version (installed on your own server) of WordPress.

Apparently this vulnerability has to do with SQL injection or some failure of a theme or plugin, it could also be because of some outdated as Magpie library that ships with WordPress. For now only speculation because the problem has not been fully identified.

The problem arises when the field in the table wp_options siteurl is replaced by a HTML code. This field holds the URL of the blog (ie, that field is not designed to accommodate HTML code), so that being accomplished the attack, possibly the affected site longer to load.

The highest number of cases that have been presented so far has to do with the company Network Solutions, although other sites have also been affected VPS.net so probably this attack is independent of the company that provides hosting for the hole security is in the same WordPress and not a default configuration or hardware.

It is important to be vigilant and continuously review the sites to ensure there are no problems, in case of finding an abnormal behavior, it is advisable to check the database and especially the siteurl field.

For now Sucuri Security Labs and Trend Micro have reported this attack, Trend Micro announced that its antivirus detects the problem as TROJ_BUZUS.ZYX (see more information on this virus), which leads to malware infection, and in some cases may install a fake antivirus on the computer of users.

Update: In addition to spreading malware, the infection can get them to generate backdoor Trojans (backdoors), ie that administrators and users could see a normal version of the site, but search engines actually could be seeing another version of site , which is especially dangerous and harmful to the issues related to SEO.

Via Download Squad