[wp-hackers] Evaluating impact from yesterday's Trojan'd plugins?

Doug Stewart zamoose at gmail.com
Wed Jun 22 13:09:26 UTC 2011

On Wed, Jun 22, 2011 at 9:05 AM, Otto <otto at ottodestruct.com> wrote:

> It was an insertion of backdoor code. Somebody would have had to later
> target your site specifically in order to get anything from it. It
> didn't do anything by itself, other than leave a hole open.
> Given the timeframe, it's unlikely they got anything out of it. It
> didn't really go to that many sites, all told.

So there was no "beacon" or "call-home" functionality? It was a
passive bit of code waiting for an exploit and didn't alert the
malfeasants to its installation?



More information about the wp-hackers mailing list