Good Thing Hackers are Dummies too...
Posted by Jason Remillard on Wed, Jan 20, 2010 @ 08:21 AM
Whew… After Denis told me about what he found, I was quite concerned. After a little bit of digging, I was surprised, and somewhat thankful I suppose.
You see, in addition to hacking sites, and getting credentials, etc., these dummies made a mistake in their coding and effectively ‘broke themselves’. Which is just fine, since based on today’s quickscan numbers, there seems to be well over 40 or 50,000 sites currently in this state.
I guess we can be thankful they made an oopsie, but you can’t rely on that being your defense of course. Any current customer of 54f3.com is already protected from this sort of attack, and is highly recommended to upgrade Wordpress as per our previous notes.
Anyways, we’ll let you read more about the research here. I know, I know… We’ve been trying to hire Denis for a while now, but he’s a tough guy to ‘rope down’.. Perhaps, thats a good thing in this case 
Gumblar Breaks WordPress blogs and other complex PHP sites
http://blog.unmaskparasites.com/2009/11/04/gumblar-breaks-wordpress-blogs-and-other-complex-php-sites/