We’re WeWatchYourWebsite.
This company was started to address the growing need for website security. Hackers attack all websites – large and small. While the majority of our customers are small businesses, our principles apply to all websites.
If you would like to contact us, please do:
WeWatchYourWebsite.com
(847)728-0214
traef@wewatchyourwebsite.com
Thank you.
Hello,
After researching the following;
http://wewatchyourwebsite.com/wordpress/2011/11/wordpress-websites-infected-through-outdated-contact-form-7-plugin/
I can confirm that it is not contact-form-7 being exploited but some other vulnerability which we are not sure of just yet. I have had several cases of this so far and a few of them did not have contact-form-7 installed.
I understand that not all infections with this code have been the result of contact-form-7, but in all cases with outdated contact-form-7 plugins the repeat infections were frequent. Now that contact-form-7 has been updated the infections have stopped.
Hackers frequently use the same infectious code on different types of exploits.
Can you share your research? What other common traits are you seeing?
ajaxfilemanager is the exploit it appears.