New worm attacks unpatched WordPress blogs

A new worm targeting WordPress blogs is currently on the move, according to reports. This new worm affects self-hosted WordPress blogs using a vulnerability that was detected in August; so users who have updated to the current version of WordPress 2.8.4 will not be affected.

What is of particular concern here is its evasiveness and difficulty to remove. According to a blog post by Matt Mullenweg, founding developer of WordPress, "This particular worm...is clever." He elaborated on how the worm registers a user, then leverages on the aforementioned security bug to allow evaluated code to be executed and make itself an admin. 

It doesn't end there, though: The worm makes proactive use of JavaScript in order to stay invisible on the WordPress user page, and goes "quiet"--even while it inserts hidden spam and malware into old posts.

For more on this story:
- check out this article at CNET News