background preloader


Facebook Twitter

How to Diagnose and Remove the WordPress Pharma Hack. A few weeks ago, I started receiving tweets and emails from people who claimed that search results for my site were looking more like a pharmacy than a helpful Web resource.

How to Diagnose and Remove the WordPress Pharma Hack

Of course, upon hearing such blasphemy, I immediately opened a new browser tab, looked around to make sure no one was watching, and then started Googling myself…and if you think that is some NC-17 material, wait til you see what my search results looked like: Figure 1. Real-time Web Monitor. Cross-site request forgery. History[edit] CSRF vulnerabilities have been known and in some cases exploited since 2001.[3] Because it is carried out from the user's IP address, some website logs might not have evidence of CSRF.[2] Exploits are under-reported, at least publicly, and as of 2007[4] there are few well-documented examples.

Cross-site request forgery

About 18 million users of eBay's Internet Auction Co. at in Korea lost personal information in February 2008.[5] Customers of a bank in Mexico were attacked in early 2008 with an image tag in email. The link in the image tag changed the DNS entry for the bank in their ADSL router to point to a malicious website impersonating the bank.[6] A Webcomic - Exploits of a Mom.