TimThumb Attacks: The Scale of Legacy Malware Infections
Denis Sinegubko These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its…
Search Results
TimThumb
48 posts
TimThumb WebShot Code Execution Exploit (Zeroday)
Daniel Cid If you are still using Timthumb after the serious vulnerability that was found on it last year, you have one more reason to be concerned.…
Uploadify, Uploadify and Uploadify – The New TimThumb?
We are seeing a lot of noise again regarding the Uploadify script vulnerabilities affecting some WordPress themes/plugins. If you are not familiar, Uploadify allows anyone…
List of Domains Hosting Webshells for Timthumb Attacks
We have been tracking TimThumb related attacks for a while and they are still at full force (yes, some people are still using the outdated…
Timthumb.php Mass Infection – Aftermath – Part I
David Dede If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in…
TimThumb.php backdoor
If your site got compromised lately with the TimThumb.php vulnerability, make sure to check that script to see if it was not modified to act…
TimThumb.php Attacks – Now Being Used for Blackhat Spam SEO and Might Break Your Site
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating that script as soon as possible. Sites that didn’t…
TimThumb.php attacks – Now using googlesafebrowsing dot com
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating the script as soon as possible. Sites that didn’t…
Mass Infection of WordPress Sites Due to TimThumb ( counter-wordpress dot com )
Many people are asking us about this “counter-wordpress.com” type of malware, so we will post some details here. Our scanner has been identifying it for…
Attacks Against Timthumb.php in the Wild – List of Themes and Plugins Being Scanned
We are seeing large scale attacks against the vulnerable timthumb.php script in the wild. Thousands of sites are getting compromised and if you have it…
TimThumb.php Vulnerability Not Only Affecting Themes – Plugins too
The Timthumb.php vulnerability is being used in the wild to hack and infect thousands of WordPress sites. Hopefully everyone is checking their themes and updating…