[Coco] WARNING! Possible virus script hijacking of CoCo3.com !!!
Roger Taylor
operator at coco3.com
Thu May 20 11:45:53 EDT 2010
Confirmed, the .php files were hacked with an eval() statement up top
that redirects the visitors. This happened on 5/19 at 21:34. I'm
not sure what the redirect ultimately does, so people without an
internet security program like Nortons should stay off the site until
I update the WordPress system.
I was behind at least 5 updates but I kept the security plug-ins updated daily.
Every .php file in the /community folder has the redirect script
inserted at the very top. There is no way on earth a manual removal
is possible since there are thousands of .php files in the system,
but installing the latest version of WordPress will replace
everything and the notice is in my cPanel with the buttons to run the
install process.
Cross your fingers... here I go... right after BlueHost finishes my
entire site backup. Getting the theme back is my main concern.
--
~ Roger Taylor
More information about the Coco
mailing list