WordPress blogs being hacked
Been reading recently of problems with blogs running on WordPress software being hacked.
Mike Abundo explains the hack creates spam pages within blogs and creates hidden text links to those spam pages on other blogs. A single blog can fall victim to both.
Spam is bad enough on a professional blog. 'Good morning in-house counsel and consumers, here's the latest in porn for you direct from our blog.' Hidden text can be even worse as it can get you unindexed at Google.
Om Malik further references the hacking and explains the hackers' motivation:
- To infect visitors by exploiting a browser vulnerability
- To place ads they can then get revenue from
- To embed links to blogs they own, improving their page
- To entice people to click on links that lead them elsewhere
And it's just not happening at small time blogs. A ZDNet WordPress blog was hacked.
Don't treat this as a 'Chicken Little - the sky is falling.' But do not note that as a lawyer, you can't just throw up a blog and dismiss potential problems.
WordPress is a good solution supported by a vibrant open source community. But it has been susceptible to hacking.
There's a reason that not one of the 50 plus AmLaw 200 law firms is using WordPress for a firm branded blog.
