Still getting attacked by people using the forged images at, looking to exploit an old timthumb.php vulnerability. I sent three mails using the contact form at but received no response so far. Files are still available for use and I wonder how many blogs with themes using an outdated version of timthumb.php were “captured” already.

What annoys me is that people don’t react and remove that shit from their server(s) as soon as they know there’s something that doesn’t belong there and is used to spread havoc over the internet by allowing ping/udp flooders to run or take over entire servers and use them for spamming. Probably time to check what exploit was used on that site and remove that shit myself. Looking at the plugins they run and the outdated version of WordPress it shouldn’t be too hard.
