Millions of blogs hosted on WordPress.com can breathe a sigh of relief – although a hacker did manage to break into thousands of sites and publish a make-money-fast advert, it wasn’t because of any vulnerability on the WordPress.com site itself.
Instead, it seems users had simply been careless with their password security.
One affected WordPress.com user told THN that he had discovered hackers had published a page containing a money-making advertisement (pictured below).
A Google search for
site:wordpress.com “Im getting paid!”
finds evidence of thousands of sites that suddenly found they had unwittingly published “Im getting paid!” webpages…
Read more in my article on the Naked Security website.