|
IXDownload.Com combats Wordpress-based malware attacks with security resource launch
(Berlin) IXDownload.Com, the Internet's leading network and computer security resource and news source, launches a new resource page that lists tips and resources that help web users avoid malware/botnet trojans that use old WP installs' vulnerabilities.
With over 22 million installs, Wordpress is the defacto standard for standalone blogging on the Internet. However, according to a 2009 New York Times estimate, a whopping 95 percent of blogs are abandoned shortly after they are created. Applying this figure to Wordpress' self-reported installed base, this reveals a huge dormant base of Wordpress installs that no longer get updated. “It appears Wordpress' success is also the cause of many of web visitors' security headaches”, noted Oliver Thompson of IXDownload.
Malware authors and distributors regularly scan the the Net through targeted searches for older installs to exploit security vulnerabilities in these abandoned, and therefore unpatched, installs. These hackers install malware/trojans which allow them to victimize the visitors of these abandoned blogs. These visitors' computers are turned into “zombie computers” which constitute a “botnet” used for spamming, denial of service attacks, spreading malware, and other illegal activities.
Just this past April, hackers used an SQL injection or database vulnerability found on Wordpress blogs hosted by one of the Internet's biggest web hosting companies and domain registrars, Network Solutions. Hackers caused the blogs to redirect to a website which then loads a variant of the BUZUS trojan. Shortly after, bloggers that use the shared hosting services of another giant domain registrar and host, GoDaddy, also report similar attacks on their older Wordpress installs.
These recent attacks are just the latest examples of the never ending security challenge created by a huge installed base of unsecure and abandoned websites and a decentralized band of profit-driven hackers looking to create a self-perpetuating and self-propagating network to spread malware. “While Wordpress is extremely secure when it is upgraded to the latest version, it poses a major network security risk when it is abandoned since the latest patches only apply to the latest version of the script. Older, unpatched versions are ticking time bombs scattered all throughout the Internet”, said Thompson.
IXDownload.Com's new Blog Malware Protection and Prevention Resource Page combats these threats by listing practical tips and free blog security plugins and other tools. The Resource Page is divided into two sections: resources for owners of wordpress blogs and internet users who read blogs. “These two groups of individuals are indispensable to addressing the problem of malware-spreading abandoned Wordpress blogs,” explained Thompson. “The security threat post by abandoned Wordpress blogs can't be fixed unless both sides do their part in addressing the problem.”
Solutions and resources for blog owners focus on best practices to increase their blog's security such as latest version updates, finding secure plugins, preventing version scanning, comment security, login hacking prevention, and diagnostic scanning. “However, the biggest and most crucial part of the solution to abandoned WP blog-based malware distribution threats are the precautions a responsible blogger should take in the event that the blog owner no longer has the time or motivation to update his or her blog,” said Thompson. The Resource Page outlines best practice steps that bloggers should follow, in coordination with their web hosting services' technicians, to prevent their blogs becoming malware distribution sites. “Followed properly, the protocol we are suggesting helps protect bloggers against possible future attacks or liability arising from their abandonment of their blogs,” noted Thompson.
IXDownload.Com's Wordpress Blog Malware Protection and Prevention Resource Page also lists best browsing practices Internet users can put into use, so they can anticipate, prevent, and fix Wordpress blog-related malware attacks. Among the tips and resources discussed are how to use search engines to skip suspected attack sites, configuring browsers to block attack sites from loading, setting up alternative and backup scanning processes, among other tips. The Resource Page also lists tried and tested malware detection and cleaning applications.
“Information truly is the best anti-botnet weapon available on the Internet,” says Thompson. Armed with the right resources, tools, and policies, responsible bloggers and informed blog visitors can ensure that the threat posed by abandoned Wordpress blogs is minimized.
About IXDownload.Com:
IXDownload.Com is the Internet's leading software information and resource site focusing on a wide range of security, productivity, and multimedia applications.
Company: IXDownload.Com
|
| Related press releases |
Agnitum Launches Free Outpost Internet Security Suite [2010-12-22 4:28:35]
ST. PETERSBURG, RUSSIA, November 22, 2010 - The security experts at Agnitum, developers of the Outpost Pro security product line, are pleased to announce the availability of Outpost Security Suite Fre... |
| Comodo Internet Security Earns ICSA Labs Certification Passing Rigorous Independent Security Testing [2010-12-18 6:10:59]
JERSEY CITY, NJ, December 9, 2010 - Comodo, (www.comodo.com) a leading Certificate Authority and Internet security organization, today announced that its Comodo Internet Security (CIS) software earned... |
| Comodo Internet Security 2011 Stops Viruses & Malware Before a PC Becomes Infected [2010-11-5 0:22:55]
Jersey City, NJ, October 20, 2010 - Comodo, (www.comodo.com) a leading Internet security organization, announces the release of its Internet Security Manager 2011 software. Comodo® Internet Se... |
| Comodo Launches New Internet Security Checkmark Ensuring Customer Confidence in All eCommerce Transactions [2010-10-22 21:33:08]
JERSEY CITY, NJ, September 30, 2010 - Comodo, a leading Internet security organization, has implemented a new logo design and seal, which customers can use on their websites protected by Comodo SSL ce... |
| K7 TotalSecurity ranked among the top three in the world for product performance [2010-10-20 20:23:30]
Chennai, September 21 , 2010. K7 TotalSecurity, a leading Internet Security Suite comprising Antivirus, Anti-spam, Firewall, Privacy and host of other security features, has been ranked among the top ... |
| Netflow Auditor Super Vision to detect and isolate network performance and security anomalies. [2010-10-17 19:08:45]
IdeaData today announced a new version of its Network Super Vision software NetFlow Auditor to give organizations the visibility to identify and isolate network issues helping to resolve performance p... |
| Axigen Releases Version 7.5 with Top Level Security & Performance [2010-9-7 19:34:45]
Bucharest, Romania – September 1st, 2010 – Axigen, the professional messaging solution vendor, announces today the commercial release of version 7.5 of their integrated email, calendaring and collabor... |
| K7 TotalSecurity wins yet another VB100 Certification [2010-9-6 19:28:11]
K7 TotalSecurity, the ultimate PC security suite, has won the VB100 certification once again with its solid performance
Chennai, August 31, 2010 - K7 Computing’s, best-in-class, Internet Security Sof... |
| Kaspersky Lab and Axigen Partner to Deliver Premium Email Security [2010-8-28 6:01:41]
Bucharest, Romania - August 18, 2010 - Kaspersky Lab (www.kaspersky.com), a leading developer of secure content management solutions, and Axigen (www.axigen.com), the professional messaging solution v... |
| Web Security Pioneer and Technical Innovator Dr. Phillip Hallam-Baker Joins Comodo [2010-8-24 9:20:03]
Jersey City, NJ, August 11, 2010 - Comodo, a leading Certificate Authority and Internet security organization, today announced a key addition to its management team with the appointment of Dr. Phillip... |
|
|
|
| McAfee AVERT Stinger |  Having an antivirus solution installed on the computer is definitely a necessity to ensure that one's PC is protected against malware attacks and infections. However, this protection can be doubled by a specialized remov |
|
| pdfFactory Pro |  pdfFactory is our standard tool for creating PDF files. Our PDF products use a unique approach to PDF creation that is simpler and more effective than other methods. pdfFactory Pro is a software that allows you to create |
|
| Auto Power-on Shut-down |  The market is already full of applications designed to give you the power of scheduling tasks such as rebooting or shutting down, but Auto Power-on Shut-down comes with a completely new approach.
The ace up its sleeve |
|
| Media Player Classic - Home Cinema |  Media Player Classic - Home Cinema has been designed as a simple but effective solution for viewing movies.
Seeing as how the current market is cluttered with complex media players, Media Player Classic - Home Cinema |
|
| Nimbuzz |  Using multiple instant messengers at the same time is the latest trend in the software industry, so you shouldn’t really be shocked if one of your friends chats on Google Talk, Yahoo Messenger and Windows Live Messenger |
|
| Portable Maxthon Browser |  This is the portable version of Maxthon - a powerful web browser that has a lot of interesting and useful features.
Since it is a portable product, Maxthon does not require any installation, so the Windows registry entr |
|
| BurnInTest Professional |  Society's reliance on computers means that the cost of hardware failure can be enormous. BurnInTest Professional will help you thoroughly exercise PC hardware in the shortest period of time so intermittent or hidden prob |
|
| Firefox |  iWritten by bBogdan Popa/b on October 11th, 2011/i
You're not an avid computer user if you've never installed Firefox. This innovative browser developed by Mozilla has grown a lot in popularity in the late |
|
|
Latest press releases
