1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Site got hacked

Discussion in 'Black Hat SEO' started by moneymachine01, Jul 31, 2011.

  1. moneymachine01

    moneymachine01 Regular Member

    Joined:
    Sep 2, 2009
    Messages:
    339
    Likes Received:
    75
    I noticed that one of my wordpress sites got hacked the other day. The hacker added a few links to each of my posts each with it's unique anchor text totally unrelated to my posts. It's a good thing it's not a big site as it only has about 7 posts so far. He also reduced many of the articles to about 1/2 the size they were originally. That really pissed me off. Now I gotta go back and redo em all. :-(

    I did a whois on some of them but they all seemed to have different info. How did this a-hole manage to break in to my site ? :(
     
  2. billbobi

    billbobi Regular Member

    Joined:
    Apr 16, 2010
    Messages:
    231
    Likes Received:
    47
    Occupation:
    Professional Snakes and Ladders Player
    Location:
    UK
    Were you updated to the most update version of wordpress? I think we are on 3.2.1 or something like that..
     
  3. moneymachine01

    moneymachine01 Regular Member

    Joined:
    Sep 2, 2009
    Messages:
    339
    Likes Received:
    75
    Yep, it's the newest one, however I just updated it this week and may not have notice the hack if it happened earlier.

    P.S. - You have an amazing avatar :p
     
  4. TheMatrix

    TheMatrix BANNED BANNED

    Joined:
    Dec 20, 2008
    Messages:
    3,444
    Likes Received:
    7,279
    I highly suggest you install WP-DB manager plugin, and set it to take backups everyday. Very handy in critical situations.
     
  5. SEO20

    SEO20 Elite Member

    Joined:
    Mar 25, 2009
    Messages:
    2,017
    Likes Received:
    2,259
    Properly some well known exploits - remember to keep it all updated.
     
  6. jason2009

    jason2009 Senior Member

    Joined:
    Apr 23, 2010
    Messages:
    1,005
    Likes Received:
    206
    Occupation:
    Student
    Location:
    Earth
    Are your all plugins trusted ? Check them first and if you don't found a solution contact with you host. May be they can give you a solution.
     
  7. malicious

    malicious Newbie

    Joined:
    Nov 9, 2008
    Messages:
    24
    Likes Received:
    8
    the most common reason is as mentioned above an untrusted or outdated plugin that makes such a site vulnerable.
    A good way to prevent hackers from finding those is by just changing the names of your plugins because they will search for specific pattern.
    Usually this happens when somebody can look up your internal folders because they are indexed in google, but somebody could search your blog directly for specific folders of plugins etc..

    Another good layer of security is phpids in my opinion, even if your plugins whould be vulnerable it whould still prevent your site from beeing hacked, you can check it out at phpids.org
     
    Last edited: Jul 31, 2011
  8. Narrator

    Narrator Power Member

    Joined:
    Oct 5, 2010
    Messages:
    507
    Likes Received:
    396
    Occupation:
    Internet Marketing
    Location:
    /dev/null
    Check google cache you might be able to recover your original posts.
     
  9. kevinmk

    kevinmk Newbie

    Joined:
    Jul 31, 2011
    Messages:
    4
    Likes Received:
    0
    You may deactivate temporary some plugins to check, I have ever got this problems there before when I installed some untrusted plugins

    Kevin
     
  10. Sturmführer

    Sturmführer BANNED BANNED

    Joined:
    Jun 23, 2011
    Messages:
    27
    Likes Received:
    13
    Its givnt an exploit for the new wordpress versions. The only thing is, that you are infected with an password stealer.
    Or check your site for untrusted plugins.
     
  11. PlayInStyle

    PlayInStyle Junior Member

    Joined:
    Dec 22, 2009
    Messages:
    159
    Likes Received:
    36
    Location:
    EU
    just some brute forcing and you get into the house :) for advanced hackers it's easy
     
  12. malicious

    malicious Newbie

    Joined:
    Nov 9, 2008
    Messages:
    24
    Likes Received:
    8
    Aha... and you are an advanced hacker??? I dont want to be rude but bruteforcing does work only on simple passwords and takes a lot of time... it whould be rather easier to grab the needed cookie or access the md5 hash through a kind of sql injection. decrypting the admin md5 hash.
    Also if cookies are enabled bruteforcing wont work at all on WP and if the user whould just change its username from admin to something else and choose just a bit difficult pass it will get almost impossible to bruteforce it, just my 2 cents.
     
  13. TheMatrix

    TheMatrix BANNED BANNED

    Joined:
    Dec 20, 2008
    Messages:
    3,444
    Likes Received:
    7,279
    No sometimes they can't. You just need to be prepared!

    Some trusted plugins are also vulnerable, and can easily let people mess with your site.
     
  14. jl8105

    jl8105 Junior Member

    Joined:
    Aug 28, 2010
    Messages:
    121
    Likes Received:
    29
    Occupation:
    got milk
    Location:
    us,beef state
    Sorry to hear about your site. I hope something like this does not happen to me. I have a few wp sites myslef that I am working on I will be sure to take advice from above thanks for the tips.
     
  15. Drink More Tea

    Drink More Tea Regular Member

    Joined:
    Apr 15, 2011
    Messages:
    208
    Likes Received:
    166
    If you have enough upstream, bruteforcing can be rather effective, and is certainly a whole lot easier to perform than either of the two other methods you mentioned.
     
  16. SH3RMAN

    SH3RMAN Junior Member

    Joined:
    Jun 29, 2011
    Messages:
    169
    Likes Received:
    35
    Occupation:
    SEO agency
    Location:
    Paris
    what's your cms ? i can help you if you want
     
  17. typeslowly

    typeslowly Registered Member

    Joined:
    Nov 30, 2008
    Messages:
    61
    Likes Received:
    9
    Location:
    United States
    Probably an outdated plugin.
     
  18. malicious

    malicious Newbie

    Joined:
    Nov 9, 2008
    Messages:
    24
    Likes Received:
    8
    I wil give you right in this, but you have to give me also right that if the pass is changed or the admin to any other name that its quite impossible to get through no matter the upstream you have. Just lets say you will use one special or ascii character in it, will you set that up in your bruteforce machine?
    Sure you can include some signs but if the password exceeds 6 counts you will have to generate enormous lists to try on and such an attack and still it is luck if you get in.
    I agree that many blogs may be insecure due to certain reasons like this but if somebody cares just a little bit about security you wont be able to just bruteforce his blog, what do you want to use to crack that wordpress blog an xbox360 super cracking computer which is faster then the fbi ones? Sorry but i dont have such a thing and i think most people dont. Bruteforcing works well with simple patterns, once it gets too advanced some days or weeks cracking will get years and it will make no more sense to do it....
     
  19. amatB

    amatB Newbie

    Joined:
    Jul 30, 2011
    Messages:
    15
    Likes Received:
    1
    try badwarebusters