Do you use a WordPress plugin called Custom Content Type Manager (CCTM)?
It appears the plugin was either sold to a new author who promptly updated the plugin to install all kinds of nastiness to anyone who auto or manually updated the plugin, or the new author hacked ownership.
So, you will want to stop everything and change ALL your user passwords, roll back (or use the latest release) of CCTM, as well as patch a list of files compromised thanks to the new plugin user who installed a backdoor and had the plugin email him login credentials upon each site being compromised, as +Jennifer Slegg reports http://tgcafe.it/1UNEFqB.
Sucuri also has a lot more details on how this plugin turned malicious on sites, with their step by step research once they discovered the exploit in the wild. They also include a much more detailed version of instructions to clean it up. http://tgcafe.it/1UNF38p
_______________________________________________________
More marketing news: http://tgcafe.it/your-marketing-news
from Ana Hoffman - Google+ Posts
http://ift.tt/21htFl4
No comments:
Post a Comment