1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Warning about my recent wordpress hacked experience

Discussion in 'Blogging' started by bargainsuk, Aug 26, 2010.

  1. bargainsuk

    bargainsuk Newbie

    Joined:
    Mar 5, 2009
    Messages:
    23
    Likes Received:
    7
    Hi all,

    I wanted to let everyone know in BHW about the last two days (today and yesterday). I'm with an excellent webhost (servint) and they have a ticketing support system, well out of the blue yesterday I received an email about an 'admin issue' so I logged in and read that a report had been made about a phishing site was running from one of my domains, I checked it out and sure enough there were the files and folders and I could see in my logs victims had been visiting from emails to these files.

    I quickly deleted them and made the support team know that I wasn't involved in this and helped them where I could.

    Earlier today all my domains started acting up out of the blue, I made support aware of it then this evening I received another admin email, stating that another phishing attempt was running on the same domain as before. I checked and there were files for more than one phishing site in my domain. I have password protected my root folder so anyone visiting my site will see a request for username/password. I'm being told that it is related to not updating my wordpress installation to 3.01

    It was already updated to 3.0 but not the very latest one. I'm sure there are people out there looking for vulnerable wordpress installs and I know many BHWers use Wordpress so I wanted to share this with you, as it is a real threat.

    I'm not so worried because I've already given a months notice with this host and already planned on shutting my sites down in 3 days time. My domains will be used for email redirection and domain redirection only from my domain provider so there will be no site to phish from.:)

    Hope this message helps prevent this happening to at least one of you.

    All the best.

    P.
     
    • Thanks Thanks x 2
  2. PlatinumPi4u

    PlatinumPi4u Junior Member

    Joined:
    Mar 5, 2010
    Messages:
    171
    Likes Received:
    29
    looking at my google analytics, i noticed that my contact us email address has been ranked #1 under my traffic sources keywords.....

    Reminds me of the old AOL days........
     
  3. Nekroev

    Nekroev Newbie

    Joined:
    Dec 6, 2009
    Messages:
    10
    Likes Received:
    11
    That's good to know. Did you find out how they hacked your sites? What exactly was the security risk in wp 3.0
    Curious
     
  4. radicalseo2

    radicalseo2 Newbie

    Joined:
    Jun 24, 2010
    Messages:
    49
    Likes Received:
    12
    IIRC correctly the 3.01 release was not security related. There are other attack vectors, especially if you are on shared hosting, running other scripts on the server, run outdated versions of software, or have the wrong permissions set for directories or files.
     
  5. wacked

    wacked Newbie

    Joined:
    Jul 17, 2010
    Messages:
    19
    Likes Received:
    2
    or got your password stolen.
     
  6. xrfanatic

    xrfanatic Jr. VIP Jr. VIP

    Joined:
    Aug 28, 2010
    Messages:
    396
    Likes Received:
    172
    Location:
    http://bit.ly/slb64
    Home Page:
    Thanks for the valuable info. I'll be more aware now to keep my wordpress blogs updated.
     
  7. ruworth

    ruworth BANNED BANNED

    Joined:
    May 17, 2010
    Messages:
    251
    Likes Received:
    71
    When my blog got hacked the hacker changed my admin password and email address the put up a black screen stating that I'd been hacked. I had cpanel access so I just deleted the lot.
    Posted via Mobile Device
     
  8. .david.

    .david. Junior Member

    Joined:
    Jul 20, 2010
    Messages:
    197
    Likes Received:
    36
    Location:
    California
    hahaha... "awesome" hack, hacker! what was that supposed to accomplish?
     
  9. HeadBone

    HeadBone Registered Member

    Joined:
    Jan 9, 2010
    Messages:
    57
    Likes Received:
    82
    Occupation:
    I have 3...
    Location:
    Most of the time it's Earth..but who knows...
    Not sure if bad behaviour plugin would help in this situation, but give it a try. It has helped me keep the idiots out from a tinymce hack etc.