Intentional… Or Malware?

I have run into the scenario of checking an end user’s computer for signs of p0rn, or surfing p0rn sites, and seen ambiguity introduced by popups from sites that are not p0rn per se, or clicks that were unintended and aborted. Obviously, malware can not only cause popups, but also download files nefariously.

This is an extreme cautionary case, in which a worker was fired for child p0rn, had his reputation ruined, faced criminal charges, and was found to be innocent. Tech support completely failed and even helped persecute him. That’s bad.

Upgraded

Talk about feeling watched. No sooner did I remove the rogue links than they were replaced with similar ones off a different college URL.

I dropped everything to upgrade WordPress. Seems to be working so far.

Time to Update WordPress

I came over here to update the blogroll and noticed a funny thing:

Someone was able to hack WordPress in a way that gave them access to the blogroll. No idea when it happened, but the links all redirected through this WordPress blog using a trailing structure in the form of:

?q=cash-loans

At the end of the URL to which I linked. Not sure offhand what the ?q is and how it differs from the ?s format used to return search results. It did the job, anyway, redirecting to an entirely different location. I suspect the blog in question was also victimized and had no active role.

The lesson? This is probably why there have been security-related updates to WordPress that I should have installed periodically. I’m pretty sure none of the WP blogs in our “empire” are fully updated except the newest one. Oops.

The other lesson? If I posted here regularly as I really do plan to, I would notice these things promptly, limiting any benefit accruing from the linkage.

Now multiple WordPress updates are on my list of things that must be done sooner rather than later.