(Ping! Zine Web Tech Magazine) – Enter “site:wordpress.com “Im getting paid!” into Google search and behold: A number of WordPress.com sites feature a notable scam message.
The occurrence happened after a large amount of web presences hosted via the popular blogging platform were reportedly hacked, according to TheHackerNews.com.
WordPress.com administrators followed up the incident by sending blog owners password reset notifications.
The scam message itself featured text reading, “Get Paid $5-$40 per survey, and they just take 5-10 minutes each!”.
Security firm Sophos noted the hack attack was likely due to weak user passwords. The company spoke with Automattic’s Barry Abrahamson who said users had been “sharing the same password across multiple services,” an incident that couldn’t be blamed on WordPress.com servers.
That being said, Sophos also noted users could “breathe a sigh of a refief.”
“It’s good news that the sites hosted on WordPress.com weren’t hacked due to a vulnerability. After all, many blogs choose to host on WordPress.com in order to avoid the headache of managing their own security and updates on self-hosted WordPress installations,” the company said via its Naked Security blog.