Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Search Results

TimThumb

48 posts
TimThumb Vulnerability: Throwback Thursday
  • Security Education
  • Website Malware Infections
  • Website Security

TimThumb Attacks: The Scale of Legacy Malware Infections

  • Denis Sinegubko
  • August 29, 2019
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its…
Read the Post

TimThumb WebShot Code Execution Exploit (Zeroday)

  • Daniel Cid
  • June 25, 2014
If you are still using Timthumb after the serious vulnerability that was found on it last year, you have one more reason to be concerned.…
Read the Post

Uploadify, Uploadify and Uploadify – The New TimThumb?

  • Daniel Cid
  • June 26, 2012
We are seeing a lot of noise again regarding the Uploadify script vulnerabilities affecting some WordPress themes/plugins. If you are not familiar, Uploadify allows anyone…
Read the Post

List of Domains Hosting Webshells for Timthumb Attacks

  • Daniel Cid
  • May 31, 2012
We have been tracking TimThumb related attacks for a while and they are still at full force (yes, some people are still using the outdated…
Read the Post

Timthumb.php Mass Infection – Aftermath – Part I

  • David Dede
  • October 28, 2011
If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in…
Read the Post

TimThumb.php backdoor

  • David Dede
  • September 14, 2011
If your site got compromised lately with the TimThumb.php vulnerability, make sure to check that script to see if it was not modified to act…
Read the Post

TimThumb.php Attacks – Now Being Used for Blackhat Spam SEO and Might Break Your Site

  • David Dede
  • August 24, 2011
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating that script as soon as possible. Sites that didn’t…
Read the Post

TimThumb.php attacks – Now using googlesafebrowsing dot com

  • David Dede
  • August 24, 2011
We have been talking a lot lately about the Timthumb.php vulnerability and the importance of updating the script as soon as possible. Sites that didn’t…
Read the Post

Mass Infection of WordPress Sites Due to TimThumb ( counter-wordpress dot com )

  • David Dede
  • August 23, 2011
Many people are asking us about this “counter-wordpress.com” type of malware, so we will post some details here. Our scanner has been identifying it for…
Read the Post

Attacks Against Timthumb.php in the Wild – List of Themes and Plugins Being Scanned

  • David Dede
  • August 17, 2011
We are seeing large scale attacks against the vulnerable timthumb.php script in the wild. Thousands of sites are getting compromised and if you have it…
Read the Post

TimThumb.php Vulnerability Not Only Affecting Themes – Plugins too

  • David Dede
  • August 16, 2011
The Timthumb.php vulnerability is being used in the wild to hack and infect thousands of WordPress sites. Hopefully everyone is checking their themes and updating…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'