Yesterday seemed to be the start of a massive botnet campaign to exploit any outdated joomla or wordpress sites, infect them with multiple copies of a DDOS malware, and then use your site as a zombie for attacking other domains.
This was the core issue yesterday, and how we stopped part of it, but others continued.
The abuse reports about attacks yesterday are rolling in and it is right now mostly about 10 different sites with many copies of these files, but if your are hit with this due to an old installation not kept up to date, we will likely have to stop your site from processing any scripts until it is updated.
If you use joomla or wordpress you MUST stay on edge and update often or you will be hacked, defaced, or used as a trojan horse/zombie for others.
I should also note that a few have a lot of other domains in their accounts and the way permissions set, they may have bad files in some of those other domains even if only one uses wordpress/joomla.
This was the core issue yesterday, and how we stopped part of it, but others continued.
The abuse reports about attacks yesterday are rolling in and it is right now mostly about 10 different sites with many copies of these files, but if your are hit with this due to an old installation not kept up to date, we will likely have to stop your site from processing any scripts until it is updated.
If you use joomla or wordpress you MUST stay on edge and update often or you will be hacked, defaced, or used as a trojan horse/zombie for others.
I should also note that a few have a lot of other domains in their accounts and the way permissions set, they may have bad files in some of those other domains even if only one uses wordpress/joomla.