/?a=fetch&content=die(@md5(HelloThinkCMF))

This blog post is brought to you by the developer of BitBudget. BitBudget is an automated budgeting app for Android and iOS which syncs with your bank account and helps you avoid overspending. If you’d like to quit living paycheck-to-paycheck and get a better handle on your finances, download it today! https://bitbudget.io

“Ha! I hacked you!” the L337 haXX0r wizard snickers.

Just kidding dear internet friend! If you’ve noticed unusual traffic to your WordPress sites homepage that includes the HTTP GET request query parameters /?a=fetch&content=die(@md5(HelloThinkCMF)) there shouldn’t be anything to worry about as long as you are running the most recent version of WordPress.

But yes, apparently this is some sort of old WordPress exploit that doesn’t work anymore. Tonight I happened to notice unusual traffic with this pattern to my personal blog, so that’s how I heard about it. However, I think I’m going to get the last laugh, as I have a feeling this blog post is going to end up driving a ton of legitimate traffic to my blog.

So ha! I hacked you! L337 haXX0r wizard. Thanks for the traffic.

 

topherPedersen