Take care when searching for WordPress that you do not end up on a fake WordPress site. Wordpresz.org looks like the WordPress site but isn’t.
This is just the first of what could be a run on fake sites that take advantage of your careless misspelling and spoofs the official WordPress site. Pay close attention and type out manually http://www.wordpress.org/ and double check the URL before downloading anything from the official WordPress sites.
If you upgraded WordPress to 2.6.4, you are running a fake version. There is no WordPress 2.6.4. The latest version is 2.6.3. The version of WordPress you download has malicious code in the download that opens a backdoor to your blog.
Automattic is looking at ways to keep users informed and warned, but pay attention to details. Just check first and know what you are downloading before risking your blog.
For more information see these articles, but please, do not click through to the fake WordPress site mentioned:
- Craig Murphy – WordPresz 2.6.4 – fake?
- Viper007bond – There is No Such Thing as WordPress 2.6.4
- Peter Westwood – WordPresz
- The Register – Trojanised WordPress
- ZDNet – Fake WordPress site distributing backdoored release
- Weblog Tools Collection – Fake WordPress Site
US Election Sites Attacked
Security Focus reports that Obama and McCain got a lesson in cybersecurity when their campaign websites/blogs were attacked. The FBI is investigating and the attacks were thwarted.
The increase in website hacking and phishing attempts is increasing, and all website server systems, CMS and blog platforms, and web applications are increasing their security stance around the world. Monitor the various WordPress news resources for updated information to help protect your WordPress blog and your site in general.
- Fighting Registration Spam in WordPress
- Are You Risking Your Blog With an Unofficial or Vulnerable WordPress Theme?
- Protecting Your WordPress Blog
- Attack of the Mean Commenter: Blocking Commenters and Comments on Your WordPress Blog
- Protect Yourself Online With Common Sense
- Blogs and Conspiracy Theories
- Blog Resources: Researching the Research, Finding the Facts, and Seeking Supporting Evidence
- WordPress.com Banned Again: Why Aren’t You Concerned?
- WordPress Security Prevention, Reactions, and Scares
- How to Access Banned WordPress.com Blogs
- WordPress Blogs and More Hacked by Google Redirects
Site Search Tags: wordpress, wordpress tips, wordpress security, fake wordpress, phishing, spoof, spoofing, protect your wordpress blog, wordpress blog protection, wordpress security issues, wordpress news