A throng of blogs have been compromised and are pointing readers to a malicious website containing scripts that lead to a Trojan that drops and executes other malicious files.
The origin of the attack can be found in a WordPress hack and a virus that – according to Tech Cocktail – “infiltrates WordPress and adds a new file in your scripts directory called jquery.js and then inserts that file into the header or footer files of your site. It also inserts an iFrame that calls a 3rd party site which is known for malware or other malicious activities.”
Users whose blogs have been hacked are advised to contact WordPress for help and to provide information that can help them devise a fix as soon as possible.
Most of the affected blogs are hosted by Network Solutions, which says that even users running the latest version (2.9.2) of the blogging platform are affected.
The company also reacted pretty quickly and put a fix in place that requires no action by most customers. The exceptions are customers who have custom code with manually embedded database passwords, who will have to change those passwords.