…thankfully not mine, though it was a very close one. I grabbed the latest WordPress a couple of days ago to set up this blog, and what do I see today but this:
WordPress 2.1.1 dangerous, Upgrade to 2.1.2
Crap. Apparently someone got user-level access on their servers, and added a couple of backdoors to the latest.tar.gz that was available for downloading. This was right at the same time I downloaded it to set it up.
So, I learned the upgrade procedure really quickly 
You should always check the MD5 hash of the files you download with a hash provided by the site, and preferably with some of the mirrors. Not sure if it would’ve helped in this case, since the official site was the one that got hacked (so presumably the attacker had control of the MD5 hashes as well), but it’s good advice in general!
I overwrote the latest.tar.gz from 2.1.1 when I wget’d 2.1.2 though, and now I wish that I had saved it to take a look at what the attacker added. I believe they’ve reverted the changes on the 2.1.1 available from the site, and I can’t find any copies of it from the narrow time period on Google 
Recent Comments