According to this site,
http://arstechnica.com/security/2014/07/mass-exploit-of-wordpress-plugin-backdoors-sites-running-joomla-magento-too/
Quote:
The malware injection code is actually trying to compromise all PHP
files that it can on the server. So if you have a site at
/var/www/site1.com
Sandy writes:
http://arstechnica.com/security/2014/07/mass-exploit-of-wordpress-plugin-
backdoors-sites-running-joomla-magento-too/
...
Can you reassure us that PmWiki.org has proper fences,
Yes, the server account containing the pmwiki.org website is separate from
other accounts with
