Is Your WordPress Install Selling Handbags?

If you administer a WordPress powered website, you might want to check the directory structure, especially the WP-Content/Upgrade and WP-Content/Uploads to see if you notice a folder called Tall. According to the folks at WPMU.org, one of their co-workers websites became a victim to an attack that involved an entirely new WordPress installation being installed along with an e-commerce system. While Google is reporting a ton of results, most of them appear to be sub-pages within the hacked domains and not individual sites. I’ve checked my own installs and everything seems to be fine. It needs to be stated that this is not known to be an exploit specifically with the WordPress software although the project team is aware of the findings by WPMU.