WordPress states they have scanned their files and found no malware or anything unusual. So the general thought process is this was a false positive, meaning the Kaspersky virus definitions were alerting on something that wasn’t a virus, trojan or other form of malware. From time to time all anti-virus companies have issues with false positives. But is that really what took place here?
The same day many people were seeing this alert – passwords for all WordPress.org accounts were reset due to a security concern. It’s not illogical to assume that other parts of WordPress hosted websites may have been manipulated. Some people might state that it’s a coincidence that these two events took place at the same time.
With all the hacking and denial of service attacks that have been occurring the past few months, I’d definitely consider WordPress a high value target due to the well-known brands and companies who use the product. WordPress has been exploited in the past. March and April 2011 saw two very serious security situations related to WordPress. These events show that it wouldn’t be far-fetched to assume someone might have slipped a worm onto a WordPress server.
I fully understand that it has become harder to avoid being a target or exploited online. If you are a high profile company or service it’s a daily battle to keep things secure. My problem with this latest WordPress situation is the response within their forums. The answer to concerned users was – we have scanned our files and everything comes up clean. Here is the problem with that. What security software are they using? How often do they update this software or hardware? Does this software update antivirus definitions as frequently as Kaspersky? Kaspersky has a better track record than most in regards to protecting against the latest threats.
My comments aren’t meant to be a criticism of WordPress security, although I feel the answer given within the forum thread might have been a bit too dismissive. WordPress has a very good track record in regards to acknowledging and dealing with security threats. WordPress software is updated quickly when threats are detected.
When you have users concerned about virus alerts on sites such as CNN and TechCrunch among others, you need to take their concerns seriously. Honestly, even if their concerns are about some little known website running WordPress, the situation shouldn’t be taken lightly.