A New Morning

Technology, Software, Tips and Tricks, Downloads and a bit of fun

  • Home
  • About
  • Contact
  • Privacy Policy
  • Send us a Tip

WP-Stats Virus in Wordpress Blogs - How to prevent it?


      Stumble it!

Posted by MoiN
June 4, 2008

WP-Stats VirusA lot of people are getting infected by this WP-Stats Virus in wordpress. WP-Stats is a trojan horse and is infecting a lot of bloggers using wordpress. Mainly WP-Stats virus is hitting people who are using Wordpress version 2.3.3.

What Does WP-Stats Virus do?

WP-Stats virus creates a directory in your wp-contents folder named “1″ and creates a directory of list of “search engine-friendly” gambling, porn, and other illegal sites.

Where does WP-Stats virus comes from?

WP-Stats virus comes from infected websites which are flagged by Google. I’m assuming that the plugin WP-Stats is bugged and infected as well. WP-Stats WP-Stats 2.0 are Affected for sure. According to Net Security

“WP-Stats WordPress Plugin contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the wp-stats.php script not properly sanitizing user-supplied input to the ‘author’ variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.”

How to remove WP-Stats Virus?

Well, there isn’t a 100% solution out yet but you should take these steps to get least infected.

- Upgrade your Wordpress to the latest version

- Delete the folder wp-content/1 through your wordpress control panel since it contains the trojan.

- I’m not sure if you can access yourblog.com/wp-admin because WP-Stats hits it too else you should remove the plugin.

- Avoid installing any new plugins

- Try changing your theme because there are some themes that calls for the script.

I would also recommend you to read these blogs which basically confronted this trojan, for more information.

JasonMorrison
Bontb

TipsTricksToolsTechniques

Tips & Tricks
Google
Custom Search
If you enjoyed this post, make sure you subscribe to my RSS Feed for latest updates.



Related posts:

  1. How to Update Your Wordpress Blog to Wordpress 2.7
    Wordpress 2.7 has been released, as most of us know. Wordpress 2.7 offers a new...
  2. Twitter Stats
    Just confronted a nice utility called TweetStats that (after entering your twitter username only) shows...
  3. AVG (Anti-Virus Free) Free V8 SP1 is now available for Download
    AVG (Anti-Virus Free) is a great anti virus and antispyware protection application for Windows which...
  4. Wordpress 2.7 Coming Soon
    Another major update is coming for wordpress in form of wordpress 2.7 - Proposed...
  5. Kaspersky Anti-Virus 8.0.0.1062 for Windows 7
    Kaspersky Lab, a leading developer of secure content management systems, announces the release of a...


Comments
Comment by Yasser on June 5, 2008 @ 8:27 am

So it’s more of a plugin that is vulnerable and not WordPress itself.

Comment by MoiN on June 5, 2008 @ 8:33 am

There are some sites that are flagged by google, it gives a warning before you enter.. And I recommend that you shouldn’t.
Wordpress’s SQL is vulnerable and the trojans can get in, yes with helps of plugins etc.

Comment by Rockstar Sid on June 5, 2008 @ 8:44 am

I suggest everyone to use wassup wordpress plugin… Extremely useful!

Comment by Manoj Sterex on June 9, 2008 @ 4:08 pm

Hey, you are talking about a very old version of wordpress 2.3.3. 2.5.1 is out. Besides, you are not even mentioning who is getting infected, the user or the server?

Just upgrade wordpress if you still haven’t. That should solve the problem. Besides, you could use the Stats plugin that uses wordpress.com API. That is surely safe, I guess.

Comment by Moin on June 9, 2008 @ 4:11 pm

Yes, I know, I actually know someone who was infected by this last week.. and a lot of people are still using the old version!

Comment by Manoj Sterex on June 10, 2008 @ 4:14 pm

That’s bad. I wonder why they are still using the old version. Probably theme compatibility?

Whatever the reason, if they do not upgrade, they are losing out on all the new features.. pity.. :(

Comment by roderich on June 17, 2008 @ 6:30 pm

hi, i am having wp 2.5 and still got infected. i cannot log in to admin mode anymore and honestly quite lost. somebody have some help?
roderich

Comment by Babe Pussy on July 1, 2008 @ 7:57 pm

Thanks for this. Article who your writen was so important for me. Thanks again :)

Comment by 이정일 on July 23, 2008 @ 9:02 pm

Great information for me, Thanks.

Comment by threats on December 31, 2008 @ 11:35 am

You have provided me a good info of wordpress issues. I am new to wordpress and currently using blogger and will switch to wordpress soon. Thanks for this info.

Comment by GreatGrey on February 20, 2009 @ 1:32 pm

Thanks for the info. I just noticed today that I had a wp-content/1 folder in two of my blogs.

Grrr.

Leave a comment

(required)

(required)


Additional comments powered by BackType

Search

Archives

  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008

Categories

  • Apple
  • Blogger Themes
  • Blogging
  • Cell Phones
  • Daily Software Updates
  • Free Stuff
  • Funny / Humor
  • Gadgets
  • Gaming
  • Guides and Articles
  • Interesting Stuff
  • Linux
  • News
  • Softwares
  • Technology
  • Tips & Tricks
  • Windows
  • Wordpress Plugins
  • Wordpress Themes
Translate:  cn de es fr it jp kr pt ru
  • Recent Posts

    • Clean Up Your Itunes Library With Meta-iPod
    • Distance Measuring Gadget - Smart-Rule 7-in-1
    • A Wikipedia Book By A 22 Year Old
    • Gmail Down - Here’s what to do.
    • Dota 6.60 Download - Official Release - Alternative Links
  • Recent Comments

    • photographer on Clean Up Your Itunes Library With Meta-iPod
    • Чебоксары фото on Clean Up Your Itunes Library With Meta-iPod
    • Чебоксары фото on Disable System Notifications in Windows 7
    • photographer on Disable System Notifications in Windows 7
    • | Pieces of Mind on 30 Free Magazine / Grid Style Wordpress Themes
    • John1341 on Free Article Submission Websites
    • thactohakessy on The “Shouts are Removed at Digg” - Discussion with the Top Users
    • Jaspal Singh on 60 Best Apple Wallpapers
    • Guest on How to resize your Avatars.
    • Sami on Windows 7 Icon Pack
  • Tags

    2 column Apple Best Beta blog Blogger Theme browser create Dota download easily Facebook firefox Free Funny games Gmail google Guide How to iPhone Ipod Itunes Linux Mac Microsoft music online photos pictures play Software theme themes Twitter Video videos Vista website Windows windows 7 Wordpress Wordpress Theme Wordpress Themes Youtube
  • Popular Posts

    Photoshop Tutorials
    Linux Audio Players
    Free Linux Games
    How to Create The Ultimate Windows XP Installation CD/DVD
    How to Restore Firefox's Lost Bookmarks
    FreeLancing Guide

Powered by Wordpress | WP Premium theme by WP Remix
Copyright 2007. A New Morning. All rights reserved

  • Home
  • About
  • Contact
  • Privacy Policy
  • Send us a Tip