1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

BEWARE!!! Wordpress HACKER!!

Discussion in 'Blogging' started by blackhatjeiboy, Sep 12, 2011.

  1. blackhatjeiboy

    blackhatjeiboy Registered Member

    Joined:
    Jun 14, 2011
    Messages:
    77
    Likes Received:
    29
    Location:
    Somewhere in Asia
    Wordpress users out there you must aware on this, my client was one of the victim of this wordpress hacker.

    Go to google and type "Hacked By Yachiine" and check how many wordpress sites was hacked. The hacker changed the index page of the site into a dark color with a boy standing carrying a black rose. And anyone knows how to solve this?
     
  2. aiteampl

    aiteampl Junior Member

    Joined:
    Jun 2, 2011
    Messages:
    112
    Likes Received:
    41
    Occupation:
    web designer
    Location:
    London UK
    Home Page:
    • remember to update your WP :)
    • always use proper passwords like: Pa$$w0rd <- upper, lower case, special signs and numbers.
    • generate proper ftp passwords
    • update all themes which use timthumb!
    • change default admin - login to your username

    and you should be fine :)
     
    • Thanks Thanks x 1
  3. blackhatjeiboy

    blackhatjeiboy Registered Member

    Joined:
    Jun 14, 2011
    Messages:
    77
    Likes Received:
    29
    Location:
    Somewhere in Asia
    Are you the hacker? :) just kidding, anyway thanks for that info dude. my client's WP is updated and passwords are made properly, only the username he use is admin I think that's the reason, but I have a question why do you say update all themes which use timthumb ?
     
  4. topsytips

    topsytips Regular Member

    Joined:
    Aug 11, 2008
    Messages:
    334
    Likes Received:
    234
    Occupation:
    Self Employed
    Location:
    UK
    A handful of my sites were hacked last month because my theme used timthumb. A lot of people just checked for the plugin.

    I had actually checked for thumb.php etc (and updated the file in one theme I was using) but the developers had re-named the file in my case.

    So yeah, I agree with Aiteampl, update your themes also, asap, before Google blacklists your sites.
     
    • Thanks Thanks x 1
  5. shankshera

    shankshera Junior Member

    Joined:
    May 18, 2010
    Messages:
    193
    Likes Received:
    25
    I use WP Security Scan, is that enough?
     
  6. dee_838

    dee_838 Junior Member

    Joined:
    Jul 12, 2011
    Messages:
    120
    Likes Received:
    7
    Yestrday i got 250 sql attacks
     
  7. euhero

    euhero Regular Member

    Joined:
    Jun 21, 2011
    Messages:
    253
    Likes Received:
    209
    Location:
    Somewhere in space
    I think his not really that smart. He uses the same image for every website.,

    I think this is his facebook account base on the id of the images

    Code:
    http://www.facebook.com/profile.php?id=100001487030524&sk=wall
     
  8. euhero

    euhero Regular Member

    Joined:
    Jun 21, 2011
    Messages:
    253
    Likes Received:
    209
    Location:
    Somewhere in space
    Yahp, its his facebook page alright. base on his email. LOL, why is he using his real email. You can sue him for this. Its illegal when touched others property, Based on his performance his just a kiddie
     
  9. Florist88

    Florist88 Newbie

    Joined:
    Jul 24, 2009
    Messages:
    43
    Likes Received:
    7
    Make sure your wordpress version is the latest one, and I believe there are a number of plugins available to help guard your site against hackers
     
  10. kaooo

    kaooo Junior Member

    Joined:
    Dec 1, 2009
    Messages:
    141
    Likes Received:
    11
    Occupation:
    IT and SEO
    Location:
    root:~#
    Home Page:
    Hi
    Do you know what the exploit this guy use?
    I interrested in how he can do that.
    I am not saying i want to do the same :D just understand how to do that...
    Thanks for answers..
     
  11. Dj Co2

    Dj Co2 Elite Member

    Joined:
    Aug 21, 2009
    Messages:
    1,519
    Likes Received:
    2,355
    After playing L.A. Noire I doubt it that you want to do the same
     
  12. extremephp

    extremephp BANNED BANNED

    Joined:
    Oct 19, 2010
    Messages:
    1,293
    Likes Received:
    1,272
    When I was 13, I used to find wordpress sites which were hacked the same way, get in touch with the owner to make out some quick cash :D

    There is some site called team-h or something so, which is a hackers group, where hackers hack websites, and list them up which made things easier.

    I left doing that as the no. of replies declined to nil. Never tried it later on. What I did was export the posts etc from wp-admin, and do a fresh install and then import it back. Not the best thing, but was easy as I tell the owners that "I will have to remove all the plugins to fix them perfectly."


    And yeah, keep your anonymous FTP off.
     
  13. kiseki

    kiseki Registered Member

    Joined:
    Sep 13, 2011
    Messages:
    86
    Likes Received:
    54
    Occupation:
    Unknown
    Location:
    Unknown
    I think they use what they so called "UNICODE exploit" or DOS (denial of service) to deface a certain page of you site but i don;t know if it still works this day...It is like a code that they put into his browser and to test if your site is vulnerable for that certain unicode or not -->like this yourdomainame/cgi-bin/_v_t_i/20%cmd+dirc:\) something like this... But i don't know if this still work...
     
  14. BlackTagine

    BlackTagine BANNED BANNED

    Joined:
    Aug 24, 2011
    Messages:
    378
    Likes Received:
    33
    Last week i Got a visit from "Black cat" my stat shows weird links,all i did is installing a bunch of security plugin ,i hope nothing bad happens since it's my first blog!!:cool:
     
  15. shiningeyes

    shiningeyes BANNED BANNED

    Joined:
    Feb 7, 2011
    Messages:
    415
    Likes Received:
    297
    http:/ /ww w.sochim. cl/ I liked the song :p
     
  16. bangkai

    bangkai Junior Member

    Joined:
    Dec 2, 2008
    Messages:
    173
    Likes Received:
    18
    No, it doesn't work these days, that vulnerability is so ancient :D
    But now the hackers mostly attack using SQL injection vulnerabilities.

     
  17. nanavlad

    nanavlad Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 2, 2009
    Messages:
    2,419
    Likes Received:
    892
    Gender:
    Male
    Occupation:
    SEO Consultant
    Location:
    Proxy Central
    All mu aites where hacked last week.
    I got in touch with hostgator and they fixed it
    Dont know how it was done.
    but i guess I was lucly
     
  18. link-package

    link-package Junior Member

    Joined:
    May 4, 2011
    Messages:
    107
    Likes Received:
    13
    Try this
    <word> + special character + number + special character
    eg. yourname*12101977(dob)*1
     
  19. zmoney

    zmoney Senior Member

    Joined:
    Apr 19, 2011
    Messages:
    814
    Likes Received:
    250
    Just got hit with SQL Injection. Links in all my 80+ posts.. fml

    I swear I'm gonna go back to xsitepro one of these days.. ughhh