Backdoor found in Piwik analytics software
More info:
http://www.h-online.com/open/n…tware-Update-1757246.html
Updated:
Update (13:40) - The Piwik developers have now published a blog posting about the security incident. They say the code now available on their website is free from the malware. Access to the Piwik server was obtained through a vulnerable WordPress plugin used on the site. The developers also include instructions on how to clean a compromised Piwik installation; essentially by backing up the Piwik configuration file and then deleting the entire Piwik directory and installing a freshly downloaded copy of the software.