Israelis use Free Software to inject malware to blogs
tomerc at gmail.com
Tue Jan 24 12:25:23 IST 2012
base64_decode isn't the only evidence for some suspicious activities.
Others use some openssl functions to encrypt their code, and I guess there
are other options as well. It is better to always look into the code before
using it, especially when it comes from unknown/untrusted sources.
The Israeli WordPress theme scene is indeed very small, but they are not
well-educated about the meaning of GPL and what they should do after fixing
a bug in the code or customizing some code to have Hebrew support or
right-to-left. This is why I prefer to use the code from the original
maintainer and not forks made by people who change few words in the code
and ship it as their own creation without notifying the original
theme/plugin maintainers and contributing the code upstream.
The recent panic could be an opportunity to us to publish our thoughts and
ask coders to better behave in the Open Source scene.
On Tue, Jan 24, 2012 at 12:13, Ira Abramov <hamakor at ira.abramov.org> wrote:
> Read this: http://n2b.org/archives/2316
> If you have a Wordpress blog and you've used a Hebrew-converted theme from
> Mastergate, you probably have malware on your site.
> crude quick way to find potential problems: run ' grep
> "eval.*base64_decode" * -r ' on your web directories.
> The Israeli Free Software scene is small and we should go out in a unified
> strong declaration against such ethical/legal violations, possibly also a
> GPL violation. This pond is too small to piss in and stay unpunished. I say
> the responsible parties need to be named and condemned, and I personally
> hope one of the people affected would sue them as well.
> Discussions mailing list
> Discussions at hamakor.org.il
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Discussions