Security Issues in WordPress

Unfortunately no good news today as some new security issues about the WordPress blogging software came out on the Techcrunch blog. Apparantly the WordPress popularity has motivated hackers to focus on the million of blogs supported by WordPress to insert spam and post unwanted entries.

It is not the first time such attacks have taken place, and usually WordPress releases patches within a couple of days to counter the loopholes, but for the latest wave of hacks there doesn’t seem to be an answer. Well,at least no answer from WordPress. The most obvious answer is that the bad guys grabbed usernames and passwords enabling them to came back later, even to nicely updated blogs, and hack them all over again.

If you are currently not using the latest version of wordpress, chances are more than real your blog has been hacked. Usually a backdoor is installed and the hacker can come back at a later time to modify content and insert spam (for adult material or erection pills). The wp-blog-header.php or Theme Files are current places where the hackers insert their codes, it is wise to check these places for unusual code snippets.

Furthermore it is considered safe to update your passwords and check if hackers have not added another account from where they can acces your information. Don’t forget hackers may also access the data related to your wp account through the wordpress install.

For moreĀ  information on the code snippets used by hackers you can check detailed blogs dealing with the issue. In the meantime keep on blogging!