If you’ve visited WeArePartyAnimals.org recently, cheap you may have seen a weird warning pop-up from your Anti-Virus program (I use AVG) that mentioned “Blackhole Exploit Kit.” Apparently it has also shown up as some sort of Adobe update. If you haven’t seen it, generic good! Apparently it only sends out the virus intermittently in order to be more difficult to detect.
Unfortunately I haven’t been able to find a sufficient explanation for clearing our servers of this theat… UNTIL NOW! Today I was looking for a solution (again) and I came across this article from ComputerPartsGreenville.com. I was able to fix the problem in under 5 minutes. Thanks, see Carl from Computer Parts Greenville!
Here is the easiest way to fix the Blackhole Exploit Kit virus on a WordPress site:
Download the Timthumb Vulnerability Scanner and then upload it to their plugins directory. Webmasters should then navigate to the Tools tab in their WordPress admin panel and then click the Scan button. The scanner will identify infected thumb.php and timthumb.php files, but webmasters must manually delete them. Next, users can choose to update vulnerable files.
For more information on the Blackhole Exploit Kit virus, check out these links
http://www.computerpartsgreenvillesc.com/secrets-of-the-blackhole-exploit-kit-revealed/
http://www.computerpartsgreenvillesc.com/blackhole-exploit-kit-faking-google-analytics/
http://www.computerpartsgreenvillesc.com/woo-themes-framework-and-blackhole-exploit-kit-attacks/
UPDATE:
Also make sure to check this file “wp-includes/category-template.php”
I found malicious code added to the top of the file