Really Nasty WordPress Hack Making the Rounds
Oh, yuck. It looks like there’s a really nasty WordPress hack going around. “In the past four days, researchers from three separate security firms have reported that a large number of legitimate WordPress sites have been hacked to silently redirect visitors to a series of malicious sites. The attack sites host code from the Nuclear exploit kit that’s available for sale in black markets across the Internet. People who visit the WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer can then find their computers infected with the Teslacrypt ransomware package, which encrypts user files and demands a hefty ransom for the decryption key needed to restore them.”
This kind of stuff is why I don’t try to self-host WordPress anymore. I want to find great stuff to tell you about, not worry that my blog is giving your computer cooties.