The free forums are no longer in use. It remains available as read-only archive.
Log In
Home
4:32 am
February 25, 2014
Offline
I just recieved the following notice from my web host for two of my sites where I have the xcloner plugin installed. You may want to do a security audit on this:
It's come to our attention that your (gs) Grid-Service has been compromised and is hosting malicious files. These files are being used to relay spam and attack other servers on the Internet. This degrades your service, as well as the service of others, and is a large consumer of resources overall. While the plugin developer has not yet confirmed the presence of a vulnerability, we have noticed malicious scans targeting the 'xcloner-backup-and-restore' plugin installed at the following path:
/wp-content/plugins/xcloner-backup-and-restore/
As a result of the malicious scans, we found malicious files created on your (gs) Grid-Service through the requests made to the aforementioned plugin:
/wp-content/plugins/xcloner-backup-and-restore/language/it1bzz.php
/wp-content/plugins/xcloner-backup-and-restore/language/in8bah.php
/wp-content/plugins/xcloner-backup-and-restore/language/iha9nz.php
/wp-content/plugins/xcloner-backup-and-restore/css/a5ni84.php
/wp-content/plugins/xcloner-backup-and-restore/language/it1bzz.php
/wp-content/plugins/xcloner-backup-and-restore/language/in8bah.php
/wp-content/plugins/xcloner-backup-and-restore/language/iha9nz.php
/wp-content/plugins/xcloner-backup-and-restore/css/a5ni84.php
I have deleted your plugin folder from my sites, along with these files.
11:25 am
September 26, 2010
Offline
Hi Chris, we are working hard on posting an update soon to fix these attacks.
Regards, Ovidiu
6:42 pm
September 5, 2012
Offline
After this update the Xcloner plug in does not work
Warning: require_once(__DIR__/cloner.config.php) [function.require-once]: failed to open stream:
Please advise
All RSS1 Guest(s)
