More than 1,000 WordPress blogs are currently being infected by a form of malware that has ‘piggybacked’ its way onto the blogging platform using the WordPress automatic update function, a security researcher has discovered, reports Threatpost.
“According to Denis Sinegubko, founder of Unmask Parasites, the problem lies in WordPress’ ‘Automatic Update’ feature and affects WordPress users who have elected to use that feature. Attackers have figured out how to add a snippet of encrypted code into the PHP file that prompts WordPress to update, Update.PHP. That code injects malicious code into another PHP file, wp-settings.PHP, which redirects users to a series of pay-per-click e-commerce sites and pay-per-click search result aggregation sites, according to a blog post by Sinegubko.”
Read more: http://threatpost.com/en_us/blogs/expert-warns-wordpress-autoupdate-feature-used-infect-blogs-malware-050312