Thursday, May 13, 2010

Alert: TinyMCE

I thought it was prudent to let others know I regularly see in my logs people attempting to go direct to a particular page on my site. No other page or file, just a particular page, which doesn't exist on my site.

I can't be sure, but this feels like a hacking attempt. Today I saw another attempt. When I checked where the person was located they were in Russia. The link they were trying to access was:

http://justlocal.com.au/plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser/tinybrowser.php?type=file&folder=

As I said I'm not sure there is an exposure, but when I see a number of attempts to go directly to a single file in a site, to me, that is a good indication that perhaps someone is up to nefarious activities.

If you use or are thinking of using TinyMCE on your site, you may wish to make sure it is secure.

From what I hear and read there are a great number of hacked sites where owners of the sites don't realise their sites are being used by others without their knowledge. This can be for any purpose such as spreading malware, phishing attempts, garnering better placement in search engines, or many other purposes that we may never even think of. I'd highly recommend that if you run a site that you check your visitor logs and error logs on a regular basis.


- Kelvin Eldridge
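As an added example (not part of the original post), here is one way to automate the log check recommended above: it flags paths that are requested repeatedly but have never returned anything except 404, and counts how many of those requests arrived with no referrer. It assumes the Apache/Nginx "combined" log format; the sample lines and IP addresses are constructed, and `find_probes` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Apache/Nginx "combined" access-log format (assumed; adjust for your server).
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+(?: "(?P<referer>[^"]*)" "[^"]*")?'
)

# Constructed sample lines using documentation-range IPs, not real traffic.
PROBE = "/plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser/tinybrowser.php"
SAMPLE_LOG = [
    f'198.51.100.7 - - [10/May/2010:03:11:09 +1000] "GET {PROBE}?type=file&folder= HTTP/1.1" 404 512 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [10/May/2010:08:02:44 +1000] "GET / HTTP/1.1" 200 8120 "-" "Mozilla/5.0"',
    f'203.0.113.25 - - [11/May/2010:22:40:31 +1000] "GET {PROBE}?type=file&folder= HTTP/1.1" 404 512 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [12/May/2010:08:03:10 +1000] "GET /about.html HTTP/1.1" 200 3310 "http://justlocal.com.au/" "Mozilla/5.0"',
    '192.0.2.44 - - [12/May/2010:10:15:00 +1000] "GET /favicon.ico HTTP/1.1" 404 512 "-" "Mozilla/5.0"',
    f'198.51.100.7 - - [12/May/2010:19:05:53 +1000] "GET {PROBE}?type=file&folder= HTTP/1.1" 404 512 "-" "Mozilla/4.0"',
    f'198.51.100.93 - - [13/May/2010:04:27:18 +1000] "GET {PROBE}?type=file&folder= HTTP/1.1" 404 512 "-" "Mozilla/4.0"',
]

def find_probes(lines, min_hits=3):
    """Return paths requested at least min_hits times whose only response was 404."""
    seen = defaultdict(lambda: {"hits": 0, "ips": set(), "statuses": set(), "direct": 0})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m["target"].split("?", 1)[0].lower()  # group by path, ignore the query string
        rec = seen[path]
        rec["hits"] += 1
        rec["ips"].add(m["ip"])
        rec["statuses"].add(m["status"])
        if m["referer"] in (None, "", "-"):  # no referrer: the visitor did not follow a link
            rec["direct"] += 1
    # A page that ever answered with something other than 404 exists, so it is not reported.
    return {p: r for p, r in seen.items() if r["statuses"] == {"404"} and r["hits"] >= min_hits}

if __name__ == "__main__":
    for path, r in find_probes(SAMPLE_LOG).items():
        print(f'{r["hits"]} hits, {len(r["ips"])} clients, {r["direct"]} without referrer: {path}')
```

To run it against a real log, pass the open file object in place of `SAMPLE_LOG`; a one-off 404 such as a mistyped address stays below the `min_hits` threshold and is not reported.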

1 comment:

  1. Anonymous pointed out tinybrowser is a plug-in for TinyMCE. I hope that assists others.

    I don't have any knowledge of TinyMCE and my only desire is to let others know of unusual behaviour from my logs which may alert and thus assist others. Feedback like this is useful to others.

    Thanks Anonymous.

    - Kelvin
