Timthumb.php Mass Infection – Aftermath – Part I
David Dede If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in…
Browsing Category
Vulnerability Disclosure
254 posts
MyBB web site and downloads compromised
It’s not good when your site gets infected with malware, specially if you’re a provider of software to many. If you are using MyBB (forum…
Mass infections from jjghui.com/urchin.js (SQL injection)
We are seeing many sites compromised with malware from jjghui.com/urchin.js. Most of them are IIS/ASP sites and the infection method seems to be similar to…
Malware Infections from rebotstat dot com
We are starting to share some of our research and view of web-based malware online: http://sucuri.net/global. The #1 infection we are seeing in the last…
Mass compromise at inmotionhosting.com
Thousands of sites were defaced today at InMotion hosting. The defacement was made by “TiGER-M@TE” and all of the affected sites showed the following text:…
Website Getting Redirected? It Might Have Something To Do With Moneygram-tracking Dot Com
Have you ever tried to visit your site and you got redirected to a different site? Maybe some external news page that had nothing to…
TimThumb.php backdoor
If your site got compromised lately with the TimThumb.php vulnerability, make sure to check that script to see if it was not modified to act…
TimThumb.php Attacks – Now Being Used for Blackhat Spam SEO and Might Break Your Site
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating that script as soon as possible. Sites that didn’t…
TimThumb.php attacks – Now using googlesafebrowsing dot com
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating the script as soon as possible. Sites that didn’t…
Mass Infection of WordPress Sites Due to TimThumb ( counter-wordpress dot com )
Many people are asking us about this “counter-wordpress.com” type of malware, so we will post some details here. Our scanner has been identifying it for…
Attacks Against Timthumb.php in the Wild – List of Themes and Plugins Being Scanned
We are seeing large scale attacks against the vulnerable timthumb.php script in the wild. Thousands of sites are getting compromised and if you have it…