[wp-hackers] Evaluating impact from yesterday's Trojan'd plugins?
zamoose at gmail.com
Wed Jun 22 13:09:26 UTC 2011
On Wed, Jun 22, 2011 at 9:05 AM, Otto <otto at ottodestruct.com> wrote:
> It was an insertion of backdoor code. Somebody would have had to later
> target your site specifically in order to get anything from it. It
> didn't do anything by itself, other than leave a hole open.
> Given the timeframe, it's unlikely they got anything out of it. It
> didn't really go to that many sites, all told.
So there was no "beacon" or "call-home" functionality? It was a
passive bit of code waiting for an exploit and didn't alert the
malfeasants to its installation?
More information about the wp-hackers