Yesterday, whilst browsing one of my regular blog reads on my PDA, I saw something that wasn’t quite right. Above all of the actual blog content were dozens of links with various financial terms. I was out for the day and didn’t have access to my computer until the evening, but when I returned I went to the blog in question using Firefox and saw that all appeared okay even though my PDA was still showing the spammy-looking links.
There were two possibilities, I thought. Either there’s a problem with my viewing i.e. my PDA or Internet connection had been compromised or there’s something not-so-obvious going awry with the blog. Since I couldn’t see any other sites affected in the same way, I decided the latter was actually the case. Looking at the underlying web page source code in Firefox confirmed this. Near the bottom of all of the legitimate source code was this:
The reason why nothing appeared to be out of the ordinary when viewed using a standard web browser was because CSS was being used to prevent the injected links from being displayed. That doesn’t mean that they’re not there or that search engines can see and index them. Using the Firefox Web Developer plugin to disable CSS for the current page showed what was underneath the CSS cloak:
Why you should upgrade to WordPress 2.5
If you’ve been wrangling about whether to upgrade or not, then consider the consequences of leaving your blog unpatched such as Technorati refusing to index compromised blogs. Even big names have been affected by the hacking of insecure blogs.
Also, if you’re using a freely distributed blog theme then you might want to check that too in case it’s been laced with code that will allow unscrupulous others to take over your website.
I’m off to upgrade all of my pre-2.5 WordPress blogs!