1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

all my wordpress sites got hacked

Discussion in 'Blogging' started by abhimittal, Oct 25, 2009.

  1. abhimittal

    abhimittal Newbie

    Joined:
    Feb 1, 2008
    Messages:
    20
    Likes Received:
    68
    HELP ME FROM THE HACKERS

    I am hosting wordpress site on hostgator for last one year and had no problem but today when i checked my sites i was shocked as of my hosted sites got hacked. I had also installed wordpress plugin WP Security Scan, still my sites are hacked.

    Homepage is showing the following message not my site homepage

    ! Security ??? LiiVe FrEe Or DIE HarD !

    !![ Dr.Ze3lA ] Is BacK!!

    Mail Me : xv_x[at]live[dot]com
    -------------------------------------------

    My sites:(

    1stinventions dot com
    babieshut dot com

    I am currently using wordpress 2.8.4, I had upgraded few of my site to 2.8.5 and they are back.:D

    Please can any one guide me what's wrong, what should i do to prevent this in future.:confused:
     
  2. sleepparalysis

    sleepparalysis Registered Member

    Joined:
    Feb 9, 2009
    Messages:
    86
    Likes Received:
    34
    Location:
    US
    Use a unique secure passphrase for each wordpress account, your hosting account, for everything.
     
  3. LV John

    LV John Registered Member

    Joined:
    May 15, 2007
    Messages:
    52
    Likes Received:
    204
    Occupation:
    head janitor
    Location:
    lost wages
    this happened to me earlier this year...

    did the hacker put any malicious code on your site?

    has google put a visitor warning on your site stating malicious site or any other warning?

    what ftp program are you using? and do you use secure transfer?
     
  4. articlecash

    articlecash Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 23, 2008
    Messages:
    101
    Likes Received:
    101
    same thing happen to 5 of my wordpress blogs.

    it's hosted on justhost.
     
  5. topsytips

    topsytips Regular Member

    Joined:
    Aug 11, 2008
    Messages:
    334
    Likes Received:
    234
    Occupation:
    Self Employed
    Location:
    UK
    I'm with Hostgator also but no probs so far.

    I use a free plugin called Login Lockdown...try it out when you've re-installed everything.

    I'm sure I read about a couple of compatibilty issues with Security Scan but think these have been resolved now.

    Also, don't forget WP-Backup.
     
  6. Mstrpln

    Mstrpln Newbie

    Joined:
    Oct 24, 2009
    Messages:
    29
    Likes Received:
    3
    Location:
    .NL
    hey man I had this too once. what to do next?

    Install the exploit scanner plugin that scans your wordpress installation for shit that shouldnt be there.
    wordpress.org/extend/plugins/exploit-scanner/


    Use this plugin to prevent this from happening again!!!
    wordpress.org/extend/plugins/bad-behavior/
     
    • Thanks Thanks x 1
  7. r00t

    r00t Regular Member

    Joined:
    Dec 27, 2008
    Messages:
    310
    Likes Received:
    889
    Location:
    Mighty Europe
    Are you using latest wordpress version?
     
  8. polocolto

    polocolto Regular Member

    Joined:
    Apr 26, 2009
    Messages:
    241
    Likes Received:
    28
    Do you have any idea how the hacker got in. Do you think he figured out your password or was it an exploit? You got me worried now.
     
  9. justin

    justin Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 15, 2007
    Messages:
    505
    Likes Received:
    392
    Seems like your site is still down by some Moroccan Hackers
     
  10. Mstrpln

    Mstrpln Newbie

    Joined:
    Oct 24, 2009
    Messages:
    29
    Likes Received:
    3
    Location:
    .NL
    it's a like terrorist attack on your website
     
  11. gh0st

    gh0st BANNED BANNED Premium Member

    Joined:
    Feb 7, 2009
    Messages:
    92
    Likes Received:
    47
    Here is a list of exploits that wp is vaul to:

    http://milw0rm.com/search.php
    Type in wordpress in search

    If you have any of those plugins then you can be injected
     
    • Thanks Thanks x 1
  12. Xalamon

    Xalamon Junior Member

    Joined:
    Apr 20, 2009
    Messages:
    112
    Likes Received:
    24
    Occupation:
    Web Production
    Location:
    Elsewhere
    Try updating your instalations to the latest versions. You should still have access to:

    Code:
    http://babieshut.com/wp-admin
    And
    Code:
    http://1stinventions.com/wp-login
    If the upgrade to the latest version doesn't work, make sure you get rid of the exploid by using exploid scanner plugin.

    Good luck and keep us posted
     
    • Thanks Thanks x 1
  13. armtor

    armtor Newbie

    Joined:
    Oct 2, 2008
    Messages:
    32
    Likes Received:
    3
    have the same problem and were trying to resolve it right this very moment.

    so what's the consequence if google has placed a warning on the blog (something like "this site may be harmful to your computer")? what should be done to remove that warning? obviously this is bad for the blog's reputation and we are worried it might shoo away our loyal and prospective readers...

    any help and suggestions would be appreciated. thanks.
     
  14. kanshu

    kanshu Regular Member

    Joined:
    Sep 11, 2009
    Messages:
    212
    Likes Received:
    28
    Occupation:
    Computer programmer
    Location:
    Cebu City, Philippines
    Home Page:
    Hmm. This thread got me reading about WordPress hacks and exploits. From what I read so far at wordpress.org, only older versions of WordPress seems to be affected. The latest version seems to be immune.
     
  15. truid

    truid Junior Member

    Joined:
    May 1, 2009
    Messages:
    127
    Likes Received:
    479
    Same thing happened to me on some of my WP sites. But I upgraded to the latest version and haven't had any trouble since.
     
  16. CyrusVirus

    CyrusVirus BANNED BANNED Premium Member

    Joined:
    Aug 20, 2009
    Messages:
    1,110
    Likes Received:
    686
    i have yet to have a problem with any of my wordpress, but now that you mention it, i will check and recheck everything, do a few scans. maybe you should too.
     
  17. angelas111

    angelas111 Jr. VIP Jr. VIP Premium Member

    Joined:
    Jan 4, 2009
    Messages:
    1,569
    Likes Received:
    1,016
    Location:
    ohio
    ok, what do you do if you have one of those plugins installed? i do and find it very much a pain in the ass to upgrade my wordpress all the time. is there another plugin i can install to protect me?
     
  18. _TwaT_

    _TwaT_ Newbie

    Joined:
    Jul 8, 2009
    Messages:
    37
    Likes Received:
    8
    Most likely, the hacker didn't need a pw for admin priviledges. A simple SQL Injection or RFI exploit would allow him to have free reign over the site. I'm not sure about security in this particular part because I've never ran a site with WP on it. Only on php and basic html. If the hacker did use a pw, a brute forcer is all it would take, it doesn't take but a second or two for the hacker to retreive your pw from a brute force or exploit.
     
  19. ferris

    ferris Regular Member

    Joined:
    Apr 25, 2009
    Messages:
    262
    Likes Received:
    246
    If you used Fantastico to set up your blogs, this is the reason.

    Fantastico makes all easy, for crackers too :p
     
  20. arybegok

    arybegok Junior Member

    Joined:
    Dec 8, 2008
    Messages:
    110
    Likes Received:
    2
    login to yor cpanel and password protected wp-admin folders