
WordPress iFrame attack

A WordPress iFrame attack is more common than you might have thought, so if your WordPress blog has recently suffered a WordPress iframe attack, don't worry, you are not alone.

N.B. This article does not delve into the steps required to remove a WordPress iFrame attack. If you just want to go straight to the fix, click here:
How to remove a malicious iFrame attack from your WordPress blog

An iFrame (short for "inline frame") is an HTML element used to load one web page inside another, usually from a different web server and usually for legitimate purposes.

But here is an example of malicious iFrame code that was injected into one of my WordPress blogs during a recent WordPress iFrame attack...

[Image: WordPress iFrame attack example code]

In this case the iFrame was invisible and loaded the malicious site hostads.cn, which in turn installed nasty malware, including a Trojan, onto unsuspecting visitors' computers. I liken it to the electronic equivalent of a drive-by shooting.
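As an added example (not code from the original article), here is a small Python scanner that flags iframes which are both hidden from the visitor (zero size, display:none, visibility:hidden, or pushed off-screen) and load from a host other than the site's own, which is the shape of the hostads.cn injection described above. The site host name myblog.example, the scanned file extensions and the sample footer HTML are constructed for the demonstration.

```python
"""Added example, not from the original article: flag iframes that are hidden from
the visitor and load content from a third-party host, the shape of the hostads.cn
injection described above. Site host, extensions and sample HTML are constructed."""
from __future__ import annotations

import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse

IFRAME_RE = re.compile(r"<iframe\b[^>]*>", re.IGNORECASE)
SRC_RE = re.compile(r"""\bsrc\s*=\s*["']?([^"'\s>]+)""", re.IGNORECASE)
# Ways an injected frame is commonly kept out of sight: zero size, CSS hiding, off-screen
HIDDEN_PATTERNS = (
    re.compile(r"""\b(?:width|height)\s*[=:]\s*["']?0+(?:px)?\b""", re.IGNORECASE),
    re.compile(r"display\s*:\s*none", re.IGNORECASE),
    re.compile(r"visibility\s*:\s*hidden", re.IGNORECASE),
    re.compile(r"position\s*:\s*absolute.*?(?:left|top)\s*:\s*-\d{3,}", re.IGNORECASE),
)


def suspicious_iframes(html: str, site_host: str) -> list[dict]:
    """Return the iframe tags in html that are hidden AND point at a host other than site_host."""
    findings = []
    for m in IFRAME_RE.finditer(html):
        tag = m.group(0)
        src_m = SRC_RE.search(tag)
        src = src_m.group(1) if src_m else ""
        # urlparse only yields a host when the URL has a scheme or starts with '//'
        host = (urlparse(src if "//" in src else "//" + src).hostname or "").lower()
        hidden = any(p.search(tag) for p in HIDDEN_PATTERNS)
        external = bool(host) and host != site_host.lower()
        if hidden and external:
            findings.append({"offset": m.start(), "host": host, "tag": tag})
    return findings


def scan_tree(root: Path, site_host: str,
              exts: tuple[str, ...] = (".php", ".html", ".htm", ".js")) -> dict[str, list[dict]]:
    """Walk a WordPress directory and map each file that has findings to its suspicious iframes."""
    report: dict[str, list[dict]] = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix.lower() in exts:
            hits = suspicious_iframes(path.read_text(errors="replace"), site_host)
            if hits:
                report[path.relative_to(root).as_posix()] = hits
    return report


# Constructed sample: a legitimate visible embed, the hidden third-party frame, and a
# hidden frame that loads from the site itself (not flagged, because it is not external).
SAMPLE_FOOTER = """<footer>
<iframe src="https://embed.example.org/video/1" width="560" height="315"></iframe>
<iframe src="http://hostads.cn/in.php" width="0" height="0" style="visibility:hidden"></iframe>
<iframe src="/wp-content/widget.html" style="display:none"></iframe>
</footer>
"""


def demo() -> dict[str, list[dict]]:
    """Write the sample into a throwaway 'site', scan it, and return the report."""
    root = Path(tempfile.mkdtemp())
    (root / "wp-content" / "themes" / "demo").mkdir(parents=True)
    (root / "wp-content" / "themes" / "demo" / "footer.php").write_text(SAMPLE_FOOTER)
    (root / "readme.txt").write_text(SAMPLE_FOOTER)  # not a scanned extension, so ignored
    return scan_tree(root, "myblog.example")


if __name__ == "__main__":
    for file, hits in demo().items():
        for h in hits:
            print(f"{file}: offset {h['offset']} loads {h['host']}: {h['tag']}")
```

Run it against a copy of the web root before cleaning and again after upgrading WordPress, since the point the article makes below is that replacing core files without first removing the injection leaves the scanner with something to find. The heuristic is a triage aid, not proof of cleanliness: a visible external iframe, or one that is hidden by JavaScript after the page loads, is not caught, so review any iframe whose host you did not add yourself.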

Some of the ways a WordPress iFrame attack can happen are...

  • The site is hosted on a cheap, poorly-secured web hosting service.
  • The site uses an older version of WordPress that has known security issues.
  • File permissions on the server are not set correctly, e.g. all files and folders are set to 777 (read, write and execute for everyone).
  • FTP has been used instead of SFTP.
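The 777 item deserves a concrete check. As an added example (not from the original article), this Python function lists every file and directory under a web root whose mode grants write access to everyone, which is what 777 and 666 do. The sample tree and its modes are constructed for the demonstration and assume a POSIX host.

```python
"""Added example, not from the original article: list world-writable files and
directories under a WordPress install (the 777 / 666 misconfiguration named above).
The sample tree is constructed; assumes a POSIX filesystem."""
from __future__ import annotations

import os
import stat
import tempfile
from pathlib import Path


def world_writable(root: Path) -> list[str]:
    """Return paths (relative to root) whose mode grants write permission to 'other'."""
    hits = []
    for path in sorted(root.rglob("*")):
        mode = path.lstat().st_mode
        if stat.S_ISLNK(mode):
            continue  # a symlink's own bits are meaningless; its target is checked on its own
        if mode & stat.S_IWOTH:
            hits.append(path.relative_to(root).as_posix())
    return hits


def demo() -> list[str]:
    """Build a tiny install with one sane file, one 777 directory and one 666 file."""
    root = Path(tempfile.mkdtemp())
    uploads = root / "wp-content" / "uploads"
    uploads.mkdir(parents=True)
    (root / "wp-config.php").write_text("<?php // constructed sample\n")
    (uploads / "x.jpg").write_bytes(b"")
    os.chmod(root / "wp-content", 0o755)
    os.chmod(root / "wp-config.php", 0o640)   # what a config file should look like
    os.chmod(uploads, 0o777)                  # the misconfiguration
    os.chmod(uploads / "x.jpg", 0o666)
    return world_writable(root)


if __name__ == "__main__":
    for p in demo():
        print("world-writable:", p)
```

The 777 on wp-content/uploads is the usual shortcut taken to make uploads work; the fix is to give the web server's own user write access to that directory rather than everyone. Re-run the check periodically, because modes tend to drift loose during troubleshooting.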

No matter which hosting company you use, they all consistently blame you, and fail to help you restore your site after a WordPress iFrame attack or lock it down and secure it against future attacks.

And once the malicious iFrame is there, you can't remove it by simply upgrading to the latest version of WordPress. You still have to do that, but you have to do it AFTER you've removed the WordPress iFrame attack; otherwise you will just reinfect the new WordPress files with the malicious iFrame code.

» How to remove a malicious iFrame injection attack from your WordPress blog
