Stu McLaren’s Blog Gets Infected by Hackers

June 26, 2008

In my previous post “Bandwidth Limit Exceeded” I explained my frustration at being emailed a “not to be missed offer” but then unable to view the site due to the website exceeding its bandwidth!

Well in an attempt to contact the sender of the email, well known Internet Marketer Stu McLaren, I headed straight over to his blog.

http://myideaguy.com/blog/ (DO NOT GO THERE)

BUT I WAS IN FOR A SURPRISE…

A few moments after visiting the section:

http://myideaguy.com/blog/category/products/ (DO NOT GO THERE)

My installation of Kaspersky Security Suite ALERTED me to a TROJAN infection trying to infect my computer!!!

The culprit was: Trojan-Downloader.HTML.Agent.is

(HERE is a screenshot)

…a well known WordPress iFrame exploit, something perhaps Stu should have been alert to as his installation of WordPress is obviously insecure (a quick inspection revealed he is using version 2.3.3 INSTEAD of the latest version 2.5.1). Ignorance in business is no excuse when your customers are at risk

Drive-by downloads like this are an increasingly common way to infect a computer or steal sensitive information.

They usually consist of malicious programs that automatically install when a potential victim visits a booby-trapped website like Stu’s currently is.

Increasingly, criminals are using these drive-bys to install “keyloggers” that steal login and password information. Other pieces of malicious code hijack a computer turning it into a “bot”, a remotely controlled computer that can be controlled remotely without the owners knowledge.

Grim, I know but a reality on the Internet today.

The moral here is: If you have a WordPress blog SECURE it. If you are using the Internet make sure you have protection!

As for Stu McLaren’s blog… I have no idea how many of his website visitors have been infected but I guess I will not be going back there for a while…

Marc Liron