Page 1 of 1

Malware Found On Sites

PostPosted: August 22nd, 2011, 8:50 pm
by vipervin
I received a report from Google that one of my sites was infected with malware. I looked into it further and found that nearly all my domains have been infected. I used this tool from Sucuri to verify the malware: http://sitecheck.sucuri.net/scanner/

I am hosting 8 domains, and 7 are infected. They all have WordPress. I first thought it was isolated to a certain theme, but my 7 sites use different themes from different developers, and they have all been infected.

A few domains were out of date, but even brand new domains that I created earlier this month with the latest WP and theme versions have been infected.

Now 1 domain was not infected and the only difference I could find was I did not install this Quick Cache plugin. All other 7 domains have Quick Cache.

Has anyone else ran into malware isseus? Try running the scanner tool above on your WP hosted domain.

Re: Malware Found On Sites

PostPosted: August 25th, 2011, 1:57 am
by vipervin
I am still not 100% sure what is causing the malware, but it might have been an exploit on an imaging script called Timthumb.php, not Quick Cache. Still not sure how it infected my sites though and how the one without QC was not impacted.