WordPress states they have scanned their files and found no malware or anything unusual. So the general thought process is this was a false positive. Meaning the Kaspersky virus definitions were alerting on something that wasn’t a virus, trojan or other form of malware. From time to time all anti-virus companies have issues with false positives. But is that really what took place here?
The same day many people were seeing this alert – passwords for all WordPress.org accounts were reset do to a security concern. It’s not illogical to assume that other parts of WordPress hosted websites may have been manipulated. Some people might state that it’s a coincidence that these two events took place at the same time.
With all the hacking and denial of service attacks that have been occurring the past few months. I’d definitely consider WordPress a high value target do to the well known brands and companies who use the product. WordPress has been exploited in the past. March and April 2011 saw two very serious security situations related to WordPress. These events show that it wouldn’t be far fetched to assume someone might have slipped a worm onto a WordPress server.
I fully understand that it has become harder to avoid being a target or exploited online. If you are a high profile company or service it’s a daily battle to keep things secure. My problem with this latest WordPress situation is the response within their forums. The answer to concerned users was – we have scanned our files and everything comes up clean. Here is the problem with that. What security software are they using? How often do they update this software or hardware? Does this software update antivirus definitions as frequently as Kaspersky? Kaspersky has a better track record than most in regards to protecting against the latest threats.
My comments aren’t meant to be a criticism of WordPress security. Although I feel the answer given within the forum thread might have been a bit to dismissive. WordPress has a very good track record in regards to acknowledging and dealing with security threats. WordPress software is updated quickly when threats are detected.
When you have users concerned about virus alerts on sites such as CNN and TechCrunch among others. You need to take their concerns seriously. Honestly even if their concerns are about some little known website running WordPress the situation shouldn’t be taken lightly.
WordPress & Go Daddy Hosting – A Winning Combination For Your blog!
Kaspersky Internet Security 2012 keeps your PC free from malicious code, adware, spyware, hacker attacks, spam and network fraud.
Watch 75,000+ designers compete for your biz
EcoPro is a full-width CMS WordPress theme with tons of options and templates. When you buy, we donate 10% to help the environment!
Platform Pro – Drag and Drop WordPress Theme Framework
Create Your Blog Today TypePad
Powered by Movable Type. Join the MT Community.
ZoneAlarm 2012 Internet Security Suite – Keep Evil Away from your PC and Save 35% today!
Yahoo! Web Hosting – 25% off for the first 3 months
Special Free Week offer to either the Print or Online editions of The Wall Street Journal!!!
Grow Your Business with Blogs. Download Movable Type Now!
Global Protection 2012: Enjoy total security and ensure information integrity.
Save 20% on Trend Micro™ Titanium™ Maximum Security! Coupon Code: titanium20
Purchase F-Secure Internet Security
Cisco Linksys Home Networking Store Special Offers & Deals. New products, price drops, promotions, free shipping and 90 day returns!
Save time and save money with Adobe North America Volume Licensing
Buy a license of AutoCAD LT online and get professional drafting and detailing capability.
Trend Micro Worry-Free Security Suites for Small Businesses
ESET Cybersecurity for Mac keeps you protected – because even Macs get viruses. Save 25% on a 2-year subscription.
ESET NOD32 – fast, effective, and lightweight antiviral software – save 25% on a 2-year subscription
Stay Safe Online – Shop our Norton Home & Home Office Store.
Consolidate multiple domain names with Network Solutions, the original domain name registrar!
New – Mac Cloud Servers from GoDaddy.com!
20% off Premium SSL Certificates from GoDaddy.com!
100% Eco Friendly Web Hosting Service — iPage Web Hosting
Win 7 – Get the version that fits you and makes your PC simpler! Shop Microsoft Store.
Ultimate protection for your business
AVG products are running on over 110 million computers worldwide, find out why.
Worm.JS.FBook.a Malicious Software WordPress.com Forums
WordPress.com and Worm.JS.FBook.a Kaspersky Lab Forum
Kaspersky warning Worm.JS.FBook.a WordPress.com Forums
WordPress Warns Of Trojanized Plug-Ins, Urges Patching
WordPress.org Passwords Reset Weblog Tools Collection
Security Incident WordPress.com
WordPress.com Suffers Another Security Breach
WordPress Servers Hacked At Root Level
Passwords Reset at WordPress.org Security Forums
WP-phpmyadmin WordPress plugin – Delete it now
Disgruntled IT guy slips porn into CEO’s PowerPoint
Baltimore man sentenced in city’s first computer hacking case
If you enjoyed this article, please consider sharing it!
