Sunday, June 3, 2012

General warning FGALLERY Wordpress HACK!

Most of the website that are hacked in Wordpress have the plugin Fgallery in it. You find then in the upload directory all kind of PHP files and HTML files. Some that we see are : astro.html Here a example : All the files can contain viruses or bad links, so do NOT click on them!!!! We did try to warn them as well. To bad they have there contact information secured :-( The trick is that they send you a email in the hope that you click on a link. The link is directed to this directory. Here is the email from this link. (Document.doc points to the astro.html file) ________________________________________________________________ Subject: Termination of your CPA license. Cancellation of CPA license due to tax return fraud allegations Valued accountant officer, We have received a notice of your alleged participation in tax return fraud on behalf of one of your employers. According to AICPA Bylaw Paragraph 765 your Certified Public Accountant status can be terminated in case of the act of presenting of a incorrect or fraudulent income tax return for your client or employer. Please find the complaint below below and respond to it within 21 days. The failure to respond within this term will result in suspension of your Accountant license. Complaint.doc >>>>>> astro.html above website! The American Institute of Certified Public Accountants. Email: Tel. 888.777.7077