Attackers took over thousands of web sites

A vulnerability in WordPress, a system for managing web page content (content management system, CMS), discovered 9 weeks ago, is still being used by attackers to hijack and control vulnerable web pages en masse and to post malicious content.
This vulnerability was patched more than 2 months ago; however, a large number of WordPress users evidently have not installed the latest patches or cleaned their sites of malicious programs. The takeover is made possible by an oversight in a popular image resizing program, TimThumb. Avast, a computer security company, has reported that its security tools stopped over 6000 attempts by attackers to redirect users to their malicious web pages using a tool called Black Hole, which exploits the aforementioned CMS vulnerability. As Avast's programs are used by only a part of Internet users, the company suspects that the scale of this infection is far greater. Owners of infected web pages are advised to thoroughly inspect the instructions on their pages, especially in the “.htaccess” file. An additional description can be found at The Register web site.
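One way to carry out the “.htaccess” inspection advised above, as an added example that is not from the original article or from Avast: this Python script lists Apache redirect directives whose target is an absolute URL on a host other than the site's own. The function names, the sample file contents and the example.org / example.net hosts are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Apache directives that can send a visitor to another URL.
REDIRECTING = {"rewriterule", "redirect", "redirectmatch",
               "redirectpermanent", "redirecttemp", "errordocument"}

# Constructed sample: the stock WordPress block plus three added directives.
SAMPLE = r"""# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . /index.php [L]
# END WordPress
RewriteRule ^(.*)$ http://redirect.example.net/in.php [R=302,L]
ErrorDocument 404 http://redirect.example.net/404
Redirect 301 /old http://www.example.org/new
"""

def is_own(host, own_hosts):
    """True if host is one of own_hosts or a subdomain of one."""
    return any(host == o or host.endswith("." + o) for o in own_hosts)

def external_redirects(htaccess_text, own_hosts):
    """Return (line_no, directive, host) for redirects to foreign hosts."""
    own = [h.lower() for h in own_hosts]
    findings = []
    for line_no, raw in enumerate(htaccess_text.splitlines(), 1):
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        if parts[0].lower() not in REDIRECTING:
            continue
        for token in parts[1:]:
            token = token.strip("\"'")
            if not re.match(r"https?://", token, re.I):
                continue  # relative targets stay on the same site
            host = (urlparse(token).hostname or "").lower()
            # Hosts built from server variables such as %{HTTP_HOST}
            # cannot be resolved statically and are skipped here.
            if host and "%{" not in host and not is_own(host, own):
                findings.append((line_no, parts[0], host))
    return findings

if __name__ == "__main__":
    for line_no, directive, host in external_redirects(SAMPLE, ["example.org"]):
        print(f"line {line_no}: {directive} -> {host}")
```

Every reported line should be compared against a known-good copy of the file; a directive the site owner did not add is a reason to treat the site as compromised.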