• Skip to primary navigation
  • Skip to main content
  • Skip to footer
WPSecurityLock – Malware removal & WordPress security services

WPSecurityLock – Malware removal & WordPress security services

WordPress security, malware removal, repair, backups, ongoing maintenance, installation, site migration & support services – WP Security Lock.

  • Facebook
  • LinkedIn
  • Twitter
  • Home
  • About
    • About Us
    • Speaker Information
    • Contact Us by Phone, Email or Live Chat
    • Testimonials
  • Security Services
    • Malware / Virus Removal
    • WordPress Security and Installation Services
    • Monthly Security Packages
    • SSL Conversion Service (HTTP to HTTPS)
  • Blog
  • Resources
  • Contact
  • SafeWP

WordPress Blogs Hacked Again iframe Corpadsinc – Network Solutions

April 19, 2010 By Regina Smola Leave a Comment

WordPress Hacked AgainOver the last couple of week, many WordPress websites hosted at Network Solutions were attacked with malicious code. Now, it's happening again. But…it's not just affecting sites running WordPress, it's also infecting Joomla and HTML sites too.

According to stopmalvertising.com, this malicious code contains an iframe pointing to corpadsinc[dot]com. It also sets a cookie that prevents analysis of these infected websites. Visitor's are being hit with the ActiveX_pack before delivering the usual Adobe PDF exploits CVE-2008-2992, CVE-2009-0927 and CVE-2009-4324.

Shashi Bellamkonda, at the Network Solutions blog, wrote a post entitled, “We feel your pain and are working hard to fix this.” He apologized and said that it might not be isolated to “file permissions.” They are working round the clock to fight this new internet threat and investigating the cause.

Not knowing the cause of this virus makes webmasters very nervous and I don't blame you. Hopefully they will get the answers soon so you can sleep better at night.

But there are some things you can do to protect yourself now…

  1. For help removing the errant code from your website, contact the Customer Support Team at Network Solutions. If they can't help you, feel free to contact us . We can get your site cleaned (any site…WordPress, Joomla, HTML, etc.) for only $89.
  2. Change your passwords now for extra safety measures, including your database, FTP, and hosting account. Here's a great strong password generator. Use a minimum of 14 characters (I use 18) with a combination of upper and lowercase letters, numbers and symbols. Make it so hard that you can't remember it and as ugly as possible.
  3. Always upload your files via SFTP or FTPES, so that your files are encrypted and not seen as plain text. Do this for everything you upload! If you don't know how, just ask us.
  4. If you're running WordPress, open up your wp-config.php file and change your database password to your new one (located around line 25). If you miss this step, your site won't work, since you changed it in Step 2.
  5. While your wp-config.php file is still open, change your Authentication Unique Keys (located around line 41). All you do is go to https://api.wordpress.org/secret-key/1.1/ and it will generate these new secret keys for you. Then copy and paste them inside the wp-config.php, save and re-upload it to your server.
  6. Update your anti-virus program on your computer, including all the latest virus definitions. If you don't scan your computer for viruses, STOP READING THIS POST RIGHT NOW and go do it! If you don't own a anti-virus program or can't afford to buy one, use AVG Anti-Virus Free Edition. If you want AVG's maximum protection, then click *here. Once you know your computer is virus-free, then you can come back and read the rest of this post.
  7. Once your site is fixed and you've done all the steps above, it's time to put a lock on your WordPress site. Read about our WordPress Security Services here . It's our specialty.

Please share your story with us and/or let us know what  behaviors you've seen with this virus, so we can spread awareness with others experiencing this. Just leave a comment below.

Securely yours,

Regina Smola

Follow on Twitter

*Denotes our affiliate link, see our Disclosure.

Filed Under: Malware and Virus Alerts Tagged With: corpadsinc, CVE-2008-2992, CVE-2009-0927, CVE-2009-4324, network solutions, wordpress hacked

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Let’s work together:

Get in touch with us and send some basic info about your project. Don't be shy, we can help with just about anything.

Contact Us!

Footer

  • Facebook
  • LinkedIn
  • Twitter

Contact

Call 815-600-7270
Contact
Mo,Tu,We,Th,Fr 9:00 am – 5:00 pm

Get WordPress Help Now

Chat With Us!
Submit A Support Ticket

Copyright © 2025 | WP Security Lock, Inc