
WordPress sites hacked to lead to malware sites


Many legitimate WordPress sites have been hacked to lead users to a Blackhole exploit kit that spreads malicious software, a computer security firm said.

Avast said those behind the exploit are using a vulnerability in TimThumb, an image resizer, to upload and execute code.

"The bad guys are using a security vulnerability in non-updated TimThumb. This allows attackers to upload and execute arbitrary PHP code in the TimThumb cache directory which will download other malicious files. But this is not the only way; for example they use stolen passwords to direct FTP changes," it said in a blog post.

It noted the Blackhole exploit kit is used to spread malicious software to users through hacked legitimate sites.

Avast said the kit was most likely made by Russian developers. The kit's full version costs around $1,500 on the black market, but bargain hunters can find a stripped-down version for free online.

A separate article on The Hacker News said the BlackHole exploit kit redirected the websites' visitors to an external malware-hosting site.

It said researchers had detected an additional 3,500 unique infected WordPress sites, which redirected visitors to malicious sites between Aug. 28 and 31.

During September, at least 2,515 redirects from WordPress sites had been blocked, The Hacker News reported. — TJD, GMA News