We’ve just found some malware – or, more precisely described, links inserted into our posts which, if followed, would lead readers to sites containing malware. One of the variants is described as “Reycross [dot] com” – one of the ones which hit us leads people to the site blog [dot] campe [dot] com [dot] br.
Update: Vladimir Prelovac advises use of the plugin WordPress Exploit Scanner, by Donncha O Caoimh1
Riyad Kalla of the blog/website Kallasoft has written one helpful post How to Remove reycross.com WordPress Malware.
Vladimir Prelovac – always sharp, wrote about this over a year ago: Check your website for virus attack ! and in how to check WordPress sites (Readers may remember our posts about Vladimir’s exceptionally helpful Insights Plugin, which I use daily.(See the rest of his WordPress Plugins – and you’ll see what great contributions he’s made to the WordPress toolbox)
My preliminary take on this is that by WordPress 2.8 or 2.9 – the vulnerability had been removed – so at a minimum, one can upgrade – and then manually remove the offending code. But – haven’t confirmed it – so we’ll try to update this.
Possibly related posts: (automatically generated)
- Related posts on malware
- Lavasoft Ad-Aware Pro Internet Security 2010 v8.1.2 | D&D | Deals …
- Malwarebytes Anti-Malware Review
Evernote lets you save all the interesting things you see online into a single place. Access all those saved pages from your computer, phone or the web. Sign up now or learn more. It's free!
- I’ve done an injustice – as English-language users often do – to the Irish transliteration of his name. There are accents and phonetic markers missing. There’s probably a way to resolve that in WP and/or HTML, but I don’t know what it is. Mr. O Caoimh, it’s my understanding, is one of the early major contributors to WordPress – and with this plugin, now having undergone a number of iterations, he’s working to keep it safe. Gives an entirely new meaning to the idiom “gift of Blarney.” [↩]