diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Gumblar Botnet crashes WordPress and other complex PHP sites

Tens of thousands of web sites / blogs, running WordPress blogging software, have been broken, returning a “fatal error” message in recent weeks. According to security experts those messages are actually generated by some buggy malicious code sneaked onto them by Gumblar botnet’s authors, who’ve apparently made some changes to their web code without doing proper testing, and as a result “the current version of Gumbar effectively breaks just not only WordPress blogs,” but “Any PHP site with complex file architecture can be affected,” wrote Sinegubko describing the issue. Crashed WordPress display following error message: Fatal error: Cannot redeclare xfm() (previously declared in /path/to/site/index.php(1) : eval()’d code:1) in /path/to/site/wp-config.php(1) : eval()’d code on line 1 . Other sites running software such as Joomla get different fatal-error messages. Gumblar installs its buggy code by first running on desktop and stealing FTP credentials from its victims and then using those credentials to place malware on website. WordPresser can use WordPress Exploit Scanner plugin to scan WordPress files and database for signs of suspicious activity. Or read ‘how to find backdoor scripts (both in files and in database) in hacked WordPress blogs’.

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...