Botnet authors crash WordPress sites with buggy code
Other sites that use complex PHP are also affected
Webmasters who find an annoying error message on their sites may have caught a big break, thanks to a slip-up by the authors of the Gumblar botnet.
Tens of thousands of Web sites, many of them small sites running the WordPress blogging software, have been broken, returning a "fatal error" message in recent weeks. According to security experts those messages are actually generated by some buggy malicious code sneaked onto them by Gumblar's authors.
Gumblar made headlines in May when it appeared on thousands of legitimate Web sites, posting what's known as "drive-by download" code that attacks infected visitors with a variety of online attacks. The botnet had been quiet during July and August, but recently has begun infecting computers again.
Apparently, however, some recent changes made to Gumblar's Web code caused the problem, according to independent security researcher Denis Sinegubko. Sinegubko learned about the issue about five days ago when he was approached by one of the users of his Unmask Parasites Web-site checker. After investigating, Sinegubko discovered that Gumblar was to blame. Gumblar's authors apparently made some changes to their Web code without doing the proper testing, and as a result "the current version of Gumbar effectively breaks WordPress blogs," he wrote in a blog post describing the issue.
http://www.networkworld.com/news/2009/110409-botnet-authors-crash-wordpress-sites.html