URGENT: This Facebook Like Box Widget plugin has been HACKED!

Discussion in 'Black Hat SEO' started by TrevorB, Sep 23, 2012.

  1. TrevorB

    TrevorB Senior Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    360
    Location:
    Canada
     
  2. TrevorB

    TrevorB Senior Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    360
    Location:
    Canada
    Has anyone else seen this same thing on their Wordpress blogs?
     
  3. carnage_100101

    carnage_100101 BANNED BANNED

    Joined:
    Feb 17, 2011
    Messages:
    240
    Likes Received:
    163
    If i had to guess,I would say your running a vulnerable version of wordpress or whoever is doing this has a 0-day exploit for wordpress or whatever plugin your using.Make sure everything is updated.
     
  4. TrevorB

    TrevorB Senior Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    360
    Location:
    Canada
    Yes I have everything updated on my Wordpress site.

    Are you using this plugin on your blog?
     
  5. richcamp

    richcamp Regular Member

    Joined:
    Oct 5, 2009
    Messages:
    315
    Likes Received:
    119
    I'm not using this plugin since all you need to get the same functionality is just couple of lines on the sidebar. Have a look here http://developers.facebook.com/docs/plugins/

    I'll let you know if my site also got this hack.
     
  6. TrevorB

    TrevorB Senior Member

    Joined:
    Dec 21, 2011
    Messages:
    1,185
    Likes Received:
    360
    Location:
    Canada
    I figured it out.

    It was the developer I think that is doing this.

    There was an update for this plugin yesterday I think so I updated it.
    Never noticed the link on my site till today though.

    I just finished going through this plugins code for the third time,
    looking a little closer at everything this time around, and seen
    that it is the plugin itself adding this backlink to all the websites
    that are using it.

    So if you are using this plugin:

    Code:
    [URL]http://wordpress.org/extend/plugins/facebook-like-box-widget/[/URL]
    I would go through the plugins code and remove the backlink that
    they are putting on your site.

    Sorry about the false hack alarm I made.
     
  7. puneetas3

    puneetas3 Senior Member

    Joined:
    Jan 8, 2012
    Messages:
    1,005
    Likes Received:
    430
    Just a head up for the user and every other who downloads crack plugins or themes to check them with windows grep to find any unusual url embedded in the code.