Google starts to block hacked WordPress blogs as malware

This is nothing new - they do it to everyone that they detect as hosting malware. I cleaned up a clients site that was experiencing this about 8 months ago.

Hacked blogs can be used to upload malware as well as shells and tools that can be used for spamming/phishing, so all the same thing. Decent first step.<p>This is also a big reason why we started Webpub.com (startup), it keeps all your WordPress insallations auto-updated without you having to do anything. And soon plugins/themes and other scripts like Drupal, Magento etc. Spent the last year building a framework on the bottom for secure FTP/Web interaction, an XML-API for the middle, and the frontend just launched about 50 days ago.

Sure, why should a hacked wordpress blog be treated any differently from any other site distributing malware?

They should include WordPress blogs using the OnSwipe theme in the block list. They often crash the browser due to their out of control memory usage.

This serves as a reminder for me to upgrade my installation.<p>I was wondering if they flag hacked themes only, installations too.

Quick plug - I host a lot of my friends websites for them on Webfaction. I uploaded a theme from Woothemes for a friend that contained (without me knowing) an outdated version of timthumb.php. Webfaction emailed me that the plugin was outdated and automatically upgraded it to the newest one.<p>I've had no complaints with them and if you're worried about this sort of activity you might want to consider switching to use them as a hosting provider.

They really should deal with spamming/phishing blogspot blogs first.

They were doing it years ago.