Warning – Hackers Using Fake Wordpress Site To Hack Blogs

Posted on November 7th, 2008 by admin in Domain News | 1 Comment »

When you are next upgrading your Wordpress blog or installing Wordpress on a fresh site, make sure you carefully type the url “Wordpress.org” when you go to download the latest code. Do not click on links pointing to Wordpress.org in an effort to get to the website.

Hackers have set up a fake Wordpress site on Wordpresz.org – a site identical to Wordpress.org in the minute detail with one significant detail. The download of Wordpress software from the fake WordPresz.org website has a compromised pluggable.php file which attempts to send your cookie and login information to wordpresz.org/tuk.php compromising your security.

Unsuspecting visitors who mistype Wordpress.org and end up going to Wordpresz.org and downloading the latest Wordpress version are in fact handing their blog’s security information to the crooks at Wordpresz.org on a platter.

Funnily enough, the domain is registered with EstDomains, the registrar recently delisted by ICANN due to it’s enormous spam offenses.

News of this hacking attempt has spread quickly around the web picked up by ZDNet and TechCrunch and other news sources. The website is currently down – perhaps as a result of complaints to the registrar or more likely as a way to cover their tracks.

The WordPresz.org fake website was sharing it’s IP address (209.160.33.108) with a fake online pharmacy – livepills.com.