Many of our clients were recently affected by a WordPress trojan virus injection. The malicious code attacked 30,000 websites last week. Sites on older WordPress installations were particularly vulnerable, but the trojan code also attacked some Joomla and OS Commerce sites as well.
Once the code was executed, it would redirect a site visitor to a fake anti-virus scan (pictured below), and offer a download which would in turn give the user the virus. The rogue code was hidden in the Header, Footer and Index PHP files of WordPress. We removed the rogue code, upgraded WordPress installations and plugins, and changed passwords on all affected sites.
At Pittsburgh Internet Consulting, we believe we don’t just provide top-level e-commerce internet consulting, but continued support as well. When this virus hit our clients sites, all projects were put on hold and necessary steps were taken to ensure all of the affected sites were clean, online, and making money for our clients.
Anyone operating E-Commerce sites on one of the popular CMS platforms should be aware of this malicious code. We had trouble finding much information online and did our diagnostics in-house. Read a news report on this breach: