All Posts By

admin

WordPress Security: Nulled Scripts and the CryptoPHP Infection

By | Security | No Comments

Our friends over at Fox-IT based in Delft in the Netherlands just contacted Wordfence with some amazing research they’ve just published. If you’re technically minded and want as much detail as possible, I recommend you skip this blog entry and head straight over to the Whitepaper that Fox-IT has published on the CryptoPHP backdoor (It’s 50 pages). I’ve summarized the details and our response:

Nulled scripts are commercial web applications that you can obtain from pirated websites that have been modified to work without a license key. They are the web equivalent of pirated software. They include commercial WordPress themes and plugins.

Wordfence Original Article

It’s come to our attention courtesy of Fox-IT that nulled scripts are being distributed via several websites with a sophisticated infection pre-installed. Fox-IT have dubbed it CryptoPHP because of the fact that it encrypts data before it sends it to command and control servers.

<?php include('assets/images/social.png'); ?>

If you’re a PHP developer you will immediately recognize this as looking strange: It is a PHP directive to include an external file containing PHP source code, but the file is actually an image. Inside this image file is actual PHP and the code is obfuscated (hidden through scrambling) to try and hide the fact that it’s malicious.

If you’re a Wordfence customer, and you are doing scans, the default settings for Wordfence do not scan image files for infections. However we are aware of these kinds of infections so a while back we added an option to scan image files as if they are PHP code. However with the detection we just added, Wordfence will detect the ‘include’ directive above in your PHP source, so even if you haven’t enable image-file scanning, you will still catch all known variants of this infection provided you are running the newest version of Wordfence.

Fox-IT has determined that the purpose of the malware is, currently, to engage in black-hat SEO by injecting links to other, presumably malicious, websites into your content. However this infection is sophisticated and it communicates with command and control servers that can instruct it to do a variety of tasks including the ability to upgrade itself. So this is a classic botnet infection which turns all infected websites into drones that can be instructed to do just about anything, from sending spam email to SEO spam to hosting illegal content to performing attacks on other websites.

The researchers think they may have identified the location of the author. Inside the code of the malware is a user-agent (browser) check that checks to see if the web browser user-agent equals ‘chishijen12′. If it does, then the application is instructed to output all PHP errors to the browser, presumably for debugging purposes. Fox-IT found an IP address that is associated with that user-agent and the IP is based in the state of Chisinau in Moldova. The name of the state is similar to the user-agent string, which gives their theory some credence.

This infection doesn’t just affect WordPress but affects Drupal and Joomla too. The detection we’ve added will actually detect the infection in Drupal or Joomla source code too if that lives under your WordPress directory.

If you’re an enterprise customer and are using an IDS like Snort or the EmergingThreats ruleset, Fox-IT have created Snort signatures which are in the whitepaper and I see that EmergingThreats have updated their open ruleset today to detect this.

You can find the full white paper discussing this new threat here and it includes quite a bit of technical detail if you’re a developer or information security researcher.

Please help spread the word about the danger involved in downloading or distributing nulled scripts and help keep the community safe.

InfoWorld spotlights Liquid computing: The next wave of the mobile experience

By | Weekly Trends | No Comments

The traditional enterprise workflow is ripe for huge change as the focus moves away from working in a single context on a single device to the workflow being portable and contextual

Infoworld: Your computing life began with a single screen. Today, you probably have three to five screens or more: a work computer, a smartphone, multiple home computers, maybe a tablet. Soon, you may add a smartwatch and a new wave of mini-devices ushered in by the Internet of things. With this multiplicity, the idea that you have a “primary” device slips away. Instead, the heart of your compute experience rises to a cloud where you are at the center. For that ascent to be complete, however, each of your devices needs to be seamlessly connected with the others.

InfoWorld’s executive editor, Galen Gruman, has coined a phrase for this: “liquid computing.” As this “The New Enterprise Workflow” Digital Spotlight explains, Apple, Google, and Microsoft are already testing this new modality, so that your work—not just the data, but what you’re doing with it at any given moment— can flow instantly to any device in your personal cloud ecosystem.

Liquid computing has far-reaching implications for business: The increase in productivity will be stunning, but the loss of control over data will cross an alarming threshold for many IT professionals. In this Digital Spotlight, Gruman and InfoWorld contributors Paul Roberts and Fahmida Rashi, examine the reactions of vendors and customers alike to this new reality. The redefinition of personal computing couldn’t be more profound.

Get “The New Enterprise Workflow” Digital Spotlight from InfoWorld, and learn:

What liquid computing is and why it matters to your company
How to adapt enterprise workflows to liquid computing
Learn how digital rights management (DRM) will factor into this new world

Original Article By InfoWorld Staff

WebWizards® Launches In-Person App Assistance.

By | News, Weekly Trends | No Comments

WebWizards Network’s Certified Ground Support Pros Provide Personalized Assistance With Social Media; Mobile Apps; Browser-Based Applications and Web Presence Services

LOS ANGELES, CA – WebWizards® Network, Inc., a full-service Internet education and support company, today announced the launch of the company’s innovative in-person Internet and mobile device support service. The company’s Ground Support service is borne out of the WebWizards philosophy that Internet users are better supported when they are shown how online applications work, face-to-face, be it Facebook, iTunes, Google Hangouts, Amazon, eBay or hundreds of others.

The WebWizards service provides a network of young Internet professionals across the United States who will provide on-site assistance for users, particularly in the 35-64 age demographic. The WebWizards business is meeting a growing national demand for in-person Internet education and service. According to recent studies, 60% of Internet users typically will not take the time to read help menus, wade through tutorial videos, wait on hold for Internet support or deal with 3rd-world outsourced servicing.<!–more–>

Currently available in California, with plans underway for a national footprint, the WebWizards Network will offer in-person support to Internet and mobile web customers at their home, office, or at one of the individually licensed WebWizards Retail Centers.

One example of an area in which the WebWizards on-site personalized Internet support is extremely relevant is in the increasingly complex mobile technology arena, where many users do not understand app usage and privacy issues, including how an app gathers information.

WebWizards maintains and deploys its professional support system through an online portal, at www.webwizardsnetwork.com, and through geo-targeted mobile applications. Consumers request services from its public website http://www.webwizards.pro.

The company recruits qualified Internet professionals from across the U.S. who become certified WebWizards Ground Support Pros. College students, for example, who want to earn income while leveraging flexible work schedules, are particularly attractive for the growing WebWizards Network.

WebWizards offers its service to individuals and businesses with items such as setting up email, connectivity performance, online and mobile application assistance, web presence needs, private instruction, online input and any other Internet-related issues. Certified WebWizards Ground Support Pros receive text messaged work orders with instructions regarding the customer’s Internet issue and coordinates to the customer location (within a 10-mile radius of the support pro). The support pros choose to accept or pass on the project and if rejected, the project is passed to the next closest support pro with the greatest related knowledge matched to the issue. Customers are then invited by email to grade the support pro and the experience overall.

“Internet users, and especially families, need a place to visit locally when it comes to Internet questions,” states WebWizards Founder, Chick Ciccarelli. “We aim to become America’s most trusted retail brand when it comes to Internet education and support. People may be engaged online, but they live on the ground, and that’s where they will receive the support of dependable, qualified professionals who can answer their questions in-person, rather than sifting through help menus or surrendering their computer screens to some remote, disembodied voice.”

WebWizards is also launching an ambitious licensing model for brick n’ mortar retail locations across America, where locals can gain access to Internet support, education, services and products. These family-friendly locations will feature public classes several times a week about current issues related to the Internet, such as cutting-edge trends, application usage, cyber-security, and cyber-bullying, for example. The WebWizards locations will also serve as venues for Internet companies to present their latest online products and services on a regular basis.

“According to American Express, in the last year 67% of online customers have hung up the phone because they couldn’t talk to a real person and 91% of Internet users have been frustrated with online help options at least half of the time,” states Ciccarelli. “This lack of human contact is not only painful for users, but poses a serious problem for online developers and e-commerce portals. With the WebWizards Network system, we get closer to the end-user than anyone can because we’re sitting with them at their computer.”

About WebWizards Network, Inc.
WebWizards® Network is a unified system of Internet service associates across America that offers personalized ground support, private/public classes and web presence services from WebWizards® branded brick n’ mortar retail locations, mobile support vehicles and authorized resellers. The business model is the first of its kind in the Internet industry. For more information, visit the company web site at http://www.webwizardsnetwork.com

Mobile And Web App Technology Customer Service

By | Experiences | No Comments

Easing The Mobile And Web Application Technology Curve: A New Paradigm For 21St-Century Customer Service

In the beginning of the Internet era, the PC reigned supreme. As the desktop publishing world, and the transition from typewritten documents to desktop-created documents grew, the technology consumer became familiar with a world that relied on offline and online applications. PCs and ISP subscriptions were sold side by side, in a glorious period for all companies tied into this massive technology shift. Businesses and consumers now were connected, with a greater understanding of how the browser could change their lives. Suddenly, consumers had a way to communicate and connect with product and service companies in new ways.

But the Internet became more complex for the average user and customer service waned to such a degree that even ordering DSL from larger providers seemed daunting: true one-on-one customer service was outsourced or driven into the background, creating opportunities for smaller customer service providers, but largely stymying the overall customer service experience.

The mobile world has made this conundrum a deeper issue for consumers. To use a term, only “native” consumers – those born into the mobile era – seem to have an intuitive sense of how applications are searched, consumed, and shared. But, for the 35-year-old and up audience, native mobile intelligence is not so readily achieved. Added to already existing feelings of customer service alienation, this audience needs greater attention.

According to Parks Associates, the market opportunity for customer support innovation is largely untapped, and will grow to $8.25 billion by the year 2017. This opportunity includes the facilitation of “holistic technical support and collaborative customer care, providing capabilities beyond what any single user, advanced or novice, could achieve on their own.”
As customer care needs grow, with the accompanying complexities of web and mobile applications, a new paradigm in customer care must be achieved.

I have been a user of web and mobile technologies since their inception, and have seen the depletion of customer care over the past 15 years reach levels that, to me, would seemingly impede the growth of the industry. Simply put, if general users of web and mobile applications do not have the adequate support that they require, they will cease to become customers. They will become stagnant non-users.

We created a solution to this problem that I think addresses a fundamental need for the non-technical user – a network of in-person assistants who can actually travel to a person’s office or home, or meet that person at a nearby retail center, to help with online and mobile applications – from ecommerce sites, iTunes and eBay to social apps like Facebook and more – with the specific goal of providing a better understanding of how online apps work, thereby creating a better user experience – and most importantly, allowing the end user to gain more personalized customer support.

This concept became what is now WebWizards Network, Inc., a full-service Internet education and support company. This notion of in-person web and mobile device support service includes certified ground support professionals who can assist with social media; mobile apps; browser-based applications and web presence services. Young Internet and mobile professionals across the United States provide the bulk of the WebWizards support network, targeting people mostly in the 35-64 age demographic. According to Harris Interactive, 60% of Internet users typically will not take the time to read help menus, wade through tutorial videos, wait on hold for Internet support or deal with 3rd-world outsourced servicing.

Currently available in California, with plans underway for a national footprint, the WebWizards Network will offer in-person support to Internet and mobile web customers at their home, office, or at one of the individually licensed WebWizards Retail Centers.

One example of an area in which the WebWizards on-site personalized Internet support is extremely relevant is in the increasingly complex mobile technology arena, where many users do not understand how to remove apps, or understand how apps gather information.
WebWizards maintains and deploys its professional support system through an online portal, at www.webwizardsnetwork.com, and through geo-targeted mobile applications. Consumers request services from its public website www.webwizards.pro.

The company recruits qualified Internet professionals from across the U.S. who become certified WebWizards Ground Support Pros. College students, for example, who want to earn income while leveraging flexible work schedules, are particularly attractive for the growing WebWizards Network.

WebWizards offers its service to individuals and businesses with items such as setting up email, connectivity performance, online and mobile application assistance, web presence needs, private instruction, online input and any other Internet-related issues. Certified WebWizards Ground Support Pros receive text messaged work orders with instructions regarding the customer’s Internet issue and coordinates to the customer location (within a 10-mile radius of the support pro). The support pros choose to accept or pass on the project and if rejected, the project is passed to the next closest support pro. Customers are then invited by email to grade the support pro and the experience overall.

We believe this is one major step in the right direction in helping the mobile industry grow smoothly and educating end users so they will continue to be willing purchase the devices and apps being developed without the fear of non-support.