Sucuri reports WPStats.org, Advanced Search plugin as spam


This morning Sucuri reported that a website called WPStats.org seems to be behind a series of blackhat spam cases. Code found on compromised websites includes a call to WPStats.org for a JavaScript file that hides a slew of spam links on the targeted website.

Along with the spam, the same group’s “Advanced Search” plugin includes hidden links and another callback to the WPStats.org website. The plugin itself has been removed from the WordPress.org plugin directory. If you’re already using the plugin, you should remove it immediately and run your site through a scanner (like Sucuri’s SiteCheck tool) right away.

For a breakdown of the offending code snippets, and exactly what to look out for on your blog, see Sucuri Security’s blog post.

One thought on “Sucuri reports WPStats.org, Advanced Search plugin as spam”

  1. Yes, wpstats.org is a bad site and this has been known since sometime in mid-2011. It’s globally banned from all of WordPress.org, including the plugins directory. Every once in a while, they create a new account and try to sneak in more malware plugins.

    The plugin that Sucuri is referring to (advanced-search-plugin) was removed from the Plugins directory back in October. Since then, they’ve tried to get in at least 4 times I know of.
