Researchers have warned bloggers over an outbreak of attacks targeting the WordPress publishing platform.
Security firm M86 Labs said that the 'Phoenix' exploit kit has been targeting a flaw in the WordPress 3.2.1 platform. The company estimates that in recent days, hundreds of sites have been infected by the attack.
Designed as an automated kit for infecting systems, Phoenix allows malware distributors to automatically embed exploit code into their sites.
Upon visiting a page, the attack site will attempt to perform a number of common exploits on browsers and popular tools such as Java in order to place a Trojan downloader on the target system.
M86 now believes that the kit is attempting to compromise sites in order to evade web screening technologies such as URL filters and reputation screening platforms.
The compromised sites have been edited with an additional page which redirects to an external attack site.
"Accessing any page on these compromised WordPress sites, other than the uploaded page, will not infect the user’s machine," the security firm said in its report.
"The general motivation of attackers to compromise web sites is mainly to bypass URL reputation mechanisms, spam filters and certain security policies."
The company is advising users to exercise caution when presented with links in unsolicited or suspicious messages.
WordPress has in the past proven itself to be a popular target for attacks. A number of botnets and scam operations have used compromised blogs to redirect traffic to attack sites and lure visitors from popular search queries.