Comments on: Gumblar Breaks WordPress blogs and other complex PHP sites

By: 0-day wordpress vulnerability results in many Media Temple malware infections - Page 5 - WordPress Tavern Forum

Fri, 12 Mar 2010 15:07:23 +0000

[...] the corrupted files to your own server. http://www.pcantivirusreviews.com/up…rculating.html http://blog.unmaskparasites.com/2009…lex-php-sites/ http://blog.unmaskparasites.com/2009…jected-script/ [...]

By: Gagner de l'argent sur internet

Gagner de l'argent sur internet — Sat, 20 Feb 2010 09:32:23 +0000

I just recently purchased a software program that will protect and eradicate this virus while restoring your infected files to their original state. You can see a video on it at: www.webserversguardian.com

By: Content Management System Blog, Latest news on Joomla, Drupal, Wordpress, Mod-x

Content Management System Blog, Latest news on Joomla, Drupal, Wordpress, Mod-x — Thu, 18 Feb 2010 11:28:20 +0000

[...] a set of tools and ways for admins to retake their sites back, which can be found on his blog at this link. Filed under the category Joomla Rating: 0.00 (login to vote) Tags Gumblar Crashes [...]

By: pamela18

pamela18 — Mon, 15 Feb 2010 22:00:53 +0000

How to remove Trojan: Backdoor

http://www.tips29.com/2009/01/how-to-remove-trojan-backdoor.html

By: Obnoxious Clients - CLEARLY I'M NOT A PEOPLE PERSON

Obnoxious Clients - CLEARLY I'M NOT A PEOPLE PERSON — Sun, 07 Feb 2010 08:13:39 +0000

[...] Gumblar Breaks WordPress blogs and other complex PHP sites [...]

By: » PHP Sites Infected By BotNet Outbreak Official Geek Blog

» PHP Sites Infected By BotNet Outbreak Official Geek Blog — Sat, 07 Nov 2009 13:01:09 +0000

[...] to the blog Unmask Parasites, there is a new version of the Gumblar botnet making the rounds on PHP based websites. Back in May of this year, this malicious botnet was [...]

By: Watch Out, Watchout the Gumblar Botnets About | Blogging And...

Watch Out, Watchout the Gumblar Botnets About | Blogging And... — Sat, 07 Nov 2009 07:33:02 +0000

[...] to Weblog Tools Collection and the blog Unmask Parasites, there is a new version of the Gumblar botnet making the rounds on PHP based [...]

By: Denis

Denis — Fri, 06 Nov 2009 15:23:43 +0000

They don’t specifically target WordPress. They infect any PHP driven websites.

However, the PHP code they inject into existing files doesn’t take into account complex WordPress architecture, which leads to “redeclaration errors” and breaks compromised blogs.

So any version of WordPress can be broken. Just like any other complex PHP sites (i.e. Joomla, Drupal, phpBB, etc.)

In this attack, hackers use FTP credentials stolen from computers of webmaster, so WordPress itself is not to blame.

By: Watch Out For The Gumblar Botnet « Weblog Tools Collection

Watch Out For The Gumblar Botnet « Weblog Tools Collection — Fri, 06 Nov 2009 15:18:10 +0000

[...] to the blog Unmask Parasites, there is a new version of the Gumblar botnet making the rounds on PHP based websites. Back in May of this year, this malicious botnet was [...]

By: Will Anderson

Will Anderson — Fri, 06 Nov 2009 15:10:54 +0000

Of course it stinks that someone would create something like this in the first place, but part of me has to smile at their newbish mistake.