As many of you already know, the WooTheme Framework (user by almost every Woo theme) has a bug that let a malicious to use your server of web space for any kind of illegal activity. In my case, they installed a DDOS script and used my server to attack many other with the risk to have my server switched off by the provider and with a lot of damage to the attacked services.
It took to me a lot to find the problem and finally, after the WooTheme alert email, I found the malicious file inside the [theme]/functions/js/shortcode-generator triggered externally to do a DOS against a number of IPs.
Grrrr, they burned out my monthly bandwidth in 2 days!
My excuses for my bad english but it's the only way I have to communicate with you. Would you suggest
a correction? Leave a comment, thank you!