Yesterday, our WordPress main website at www.hybridcluster.com was compromised resulting in a warning message from Google for users of the Google Search engine, the Google Chrome browser and other browsers using the Google Safe Browsing API.
WordPress was compromised by a bad plugin however our FlexContainer environment kept the bad code securely isolated. We reacted by using the Data Vault to isolate when the incident occured and again to roll back and patch the affected plugin. At the same time, we took steps to harden our WordPress installation so that the issue doesn’t reoccur.
The Google Safe Browsing API does not distinguish between subdomains so the launchpad at my.hybridcluster.com was also flagged as malicious. my.hybridcluster.com is innocent of these charges which can be evidenced here:
Google Safe Browsing page for www. http://www.google.com/safebrowsing/diagnostic?site=www.hybridcluster.com
Google Safe Browsing page for my. http://www.google.com/safebrowsing/diagnostic?site=my.hybridcluster.com
We will be taking a more pro-active stance with WordPress plugin security in future. No user data was compromised as only our front-end site was affected.
Sorry for the inconvenience!
The HybridCluster Team