
Why do so many WordPress installs get hacked these days?

Discussion in 'BlackHat Lounge' started by tony-raymondo, Dec 17, 2011.

  1. tony-raymondo

    tony-raymondo Junior Member

    Joined:
    Jun 19, 2009
    Messages:
    181
    Likes Received:
    459
    Basically everyone I know got hacked last year at some point.

    Why is that?

    Can anyone out there give a heads up as to the top 3 ways these hackers are getting in?

    Is it usually resident malware on the WP owner's home computer?

    weak passwords..?

    It seems like kinda a waste to pay all these new 3rd party services to "protect my wp install"

    Ideas?

    Thanks!
     
    • Thanks Thanks x 1
    Last edited: Dec 17, 2011
  2. zero-day

    zero-day Regular Member

    Joined:
    Aug 25, 2011
    Messages:
    349
    Likes Received:
    344
    Occupation:
    Coder
    Location:
    My Office.
    3rd party things / AVs don't sell you protection, they sell you the idea of protection.
     
    • Thanks Thanks x 1
  3. free youtube views

    free youtube views Newbie

    Joined:
    Dec 17, 2011
    Messages:
    5
    Likes Received:
    1
    Things that are highly used are the first to be targeted by hackers - AKA Wordpress. With so many people developing sites using Wordpress, there are thousands of hackers out there trying to break into it. That's why it is important to constantly do the updates as they come out.
     
  4. Crewchief007

    Crewchief007 Power Member

    Joined:
    May 27, 2009
    Messages:
    731
    Likes Received:
    525
    Gender:
    Male
    Occupation:
    Internet Marketer
    Location:
    Online
    Reasons hackers are able to do their thing?

    (1). Using a cracked version of a WP theme

    (2). Using a cracked version of a WP theme that has not been properly nulled

    (3). Using a Kindergarten password

    (4). Using a free WP Theme that came with a Trojan injection

    (5). Not updating your WP Theme when the author alerts you to a known breach fix

    (6). Not updating your plugins when the author alerts you to a known breach fix

    (7). Not updating WP with the latest security protections

    (8). Allowing authors/contributors, etc., to upload executable type files to your server

    (9). Hacker installed a key logger on your machine

    (10). Got hacked using a public Internet connection

    (11). Just being plain lazy about site security.

     
    • Thanks Thanks x 6
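Item (8) in the list above is about letting contributors upload files the server could execute. The following is an added example, not code from the thread, from WordPress, or from any plugin named here: a Python upload policy check of the kind a practitioner would put in front of a wp-content/uploads style directory. It rejects an executable extension at any position in the name (so shell.php.jpg is caught along with shell.php), dotfiles such as .htaccess, a file whose leading bytes do not match its claimed type, and an image that carries a PHP open tag in its body. The extension list, the magic-byte table and the sample uploads are this example's own assumptions. The server-side rule that makes this defence in depth rather than the only barrier is to configure the web server so that nothing under the uploads tree is ever handed to the PHP interpreter.

```python
"""Upload policy check for a WordPress-style uploads directory.

Added example, not code from the thread or from WordPress itself. It enforces
the rule behind item (8): nothing the web server could execute may land in the
uploads tree. Extension and magic-byte tables are this example's assumptions.
"""
import os

# Allowed extensions and the leading bytes a file of that type must start with.
ALLOWED_MAGIC = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}

# Extensions that Apache/PHP setups commonly hand to an interpreter. Checked at
# every position in the name, so "shell.php.jpg" is rejected as well as "shell.php".
EXECUTABLE_EXTS = {
    "php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht",
    "cgi", "pl", "py", "sh", "htaccess", "htpasswd",
}

# Open tags that would turn a polyglot image into a script if it were ever executed.
PHP_OPEN_TAGS = (b"<?php", b"<?=", b'<script language="php"')


def check_upload(filename, data):
    """Return (accepted, reason). reason is 'ok' or a short rejection code."""
    name = os.path.basename(filename.replace("\\", "/"))  # drop any path component
    if not name or name.startswith("."):
        return False, "dotfile_or_empty_name"
    parts = name.lower().split(".")
    if len(parts) < 2 or not parts[-1]:
        return False, "no_extension"
    exts = parts[1:]
    if any(e in EXECUTABLE_EXTS for e in exts):
        return False, "executable_extension"
    ext = exts[-1]
    if ext not in ALLOWED_MAGIC:
        return False, "extension_not_allowed"
    if not any(data.startswith(m) for m in ALLOWED_MAGIC[ext]):
        return False, "content_mismatch"
    # A valid image can still carry a PHP payload in a comment segment
    # (a polyglot); refuse it outright rather than trust the magic bytes.
    if any(tag in data.lower() for tag in PHP_OPEN_TAGS):
        return False, "embedded_php"
    return True, "ok"


# Constructed sample uploads (not real files) covering the cases above.
SAMPLES = [
    ("photo.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32),
    ("shell.php", b"<?php system($_GET['c']); ?>"),
    ("shell.php.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 32),
    ("notes.jpg", b"<?php eval(base64_decode('...')); ?>"),
    ("poly.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF" + b"<?php passthru($_GET['c']); ?>"),
    (".htaccess", b"AddType application/x-httpd-php .jpg\n"),
    ("../../wp-config.php", b"<?php define('DB_NAME', 'wp');"),
]


def check_samples():
    """Run every constructed sample through check_upload; used by the self-test."""
    return {name: check_upload(name, data) for name, data in SAMPLES}


if __name__ == "__main__":
    for name, (accepted, reason) in check_samples().items():
        print(f"{name!r}: {'accept' if accepted else 'reject'} ({reason})")
```

The .htaccess sample is worth a second look: that single AddType line, if it landed in the uploads directory on an Apache host that honours per-directory overrides, would make every .jpg there executable, which is why dotfiles are refused before any content check runs.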
  5. Daniel16

    Daniel16 Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 13, 2010
    Messages:
    1,130
    Likes Received:
    645
    Users must update WP often once the sites are published. This will avoid getting the sites hacked.
     
  6. IamBlackhatter

    IamBlackhatter Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 26, 2011
    Messages:
    2,537
    Likes Received:
    1,458
    Gender:
    Male
    Occupation:
    Software Developer
    Location:
    india
    Always have a backup of your WordPress sites, so even if you are hacked you can restore the site safely.
     
  7. saber210

    saber210 Supreme Member

    Joined:
    Sep 1, 2011
    Messages:
    1,358
    Likes Received:
    500
    Location:
    -
    Install wp-firewall to prevent SQL injection attacks.

    also always check your theme.
     
    • Thanks Thanks x 4
  8. tony-raymondo

    tony-raymondo Junior Member

    Joined:
    Jun 19, 2009
    Messages:
    181
    Likes Received:
    459
    Seems that the themes themselves are often the culprit...

    hmm...

    What are these themes doing wrong?

    Are they making exotic sql calls that can be exploited?
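On the question of what the themes themselves are doing wrong: the posts above point at cracked or "nulled" themes that ship with code injected by whoever nulled them, rather than at anything exotic in the theme's own SQL. As an added example, not code from the thread, here is a small Python indicator scanner that walks a theme or plugin directory and flags the constructs such injections usually rely on: eval() over a decoded blob, preg_replace() with the /e modifier (which evaluates the replacement as PHP), a function called by name from request data, shell execution, and very long base64 literals. The pattern set and the sample theme are this example's own assumptions, not a vetted signature list; expect false positives on legitimate code that genuinely shells out, and note that it finds injected code only, not a legitimately bundled script that happens to be vulnerable.

```python
"""Scan a WordPress theme/plugin directory for common backdoor indicators.

Added example (not from the thread or any named plugin). Walks a directory,
flags suspicious PHP constructs line by line, and reports file, line and
indicator name. The sample theme below is constructed for the demo.
"""
import os
import re
import tempfile

# Heuristic patterns; an assumption of this example, not a vetted signature set.
INDICATORS = {
    "eval_of_decoded_blob": re.compile(
        r"\beval\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13|strrev)\s*\(", re.I),
    "preg_replace_e_modifier": re.compile(
        r"\bpreg_replace\s*\(\s*['\"]/.*?/[a-zA-Z]*e[a-zA-Z]*['\"]", re.I),
    "request_driven_call": re.compile(
        r"\$\w+\s*\(\s*\$_(?:GET|POST|REQUEST|COOKIE)\b", re.I),
    "command_execution": re.compile(
        r"\b(?:shell_exec|passthru|system|exec|popen|proc_open)\s*\(", re.I),
    "long_base64_literal": re.compile(r"['\"][A-Za-z0-9+/]{200,}={0,2}['\"]"),
}

PHP_EXTENSIONS = (".php", ".phtml", ".php5", ".inc")


def scan_file(path):
    """Return a list of (indicator, line_number, snippet) hits for one file."""
    hits = []
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, start=1):
            for name, pattern in INDICATORS.items():
                if pattern.search(line):
                    hits.append((name, lineno, line.strip()[:120]))
    return hits


def scan_tree(root):
    """Walk a theme/plugin directory; return {relative_path: [hits]} for files with hits."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if not fname.lower().endswith(PHP_EXTENSIONS):
                continue
            full = os.path.join(dirpath, fname)
            hits = scan_file(full)
            if hits:
                report[os.path.relpath(full, root).replace(os.sep, "/")] = hits
    return report


# Constructed sample theme: one clean template and one carrying the kind of
# injection the thread describes. Not real theme code.
CLEAN_HEADER = """<?php
/* Clean template header */
if ( ! defined( 'ABSPATH' ) ) { exit; }
wp_head();
"""

INJECTED_FOOTER = """<?php
wp_footer();
/* added by the 'nulling' site */
eval(base64_decode("ZWNobyAnaGVsbG8nOw=="));
$f = $_REQUEST['f']; $f($_REQUEST['c']);
preg_replace("/.*/e", $_POST["x"], "");
"""


def build_sample_theme(base):
    """Write the constructed sample files under base and return the theme root."""
    theme = os.path.join(base, "nulled-theme")
    os.makedirs(theme, exist_ok=True)
    for fname, body in (("header.php", CLEAN_HEADER), ("footer.php", INJECTED_FOOTER),
                        ("style.css", "/* Theme Name: Sample */\n")):
        with open(os.path.join(theme, fname), "w", encoding="utf-8") as fh:
            fh.write(body)
    return theme


def demo():
    """Build the sample theme, scan it, and return the report (used by the self-test)."""
    with tempfile.TemporaryDirectory() as tmp:
        return scan_tree(build_sample_theme(tmp))


if __name__ == "__main__":
    for path, hits in demo().items():
        for name, lineno, snippet in hits:
            print(f"{path}:{lineno}: {name}: {snippet}")
```

Run it against a freshly downloaded theme before activating it, and against the copy on the server afterwards; a hit in a file you did not write is the cue to diff that file against the vendor's original rather than to trust the theme.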
     
  9. readysite1

    readysite1 Registered Member

    Joined:
    Jun 23, 2011
    Messages:
    81
    Likes Received:
    23
    I think you have mentioned everything already.
     
  10. download

    download Jr. VIP Jr. VIP Premium Member

    Joined:
    May 4, 2010
    Messages:
    1,271
    Likes Received:
    712
    Location:
    USA
    Also it is important to install security plugins. I use:
    Bulletproof Security
    Secure wordpress
     
    • Thanks Thanks x 1
    Last edited: Dec 17, 2011
  11. W1zdom

    W1zdom Newbie

    Joined:
    Oct 31, 2011
    Messages:
    49
    Likes Received:
    25
    TimThumb =D
     
  12. testoman

    testoman Registered Member

    Joined:
    Oct 11, 2008
    Messages:
    97
    Likes Received:
    11
    Occupation:
    manwhore
    I second this. Like one user said, don't use a basic password, and change your login user name to xxxx.
     
  13. nonhacker

    nonhacker Regular Member

    Joined:
    Dec 26, 2008
    Messages:
    255
    Likes Received:
    64
    Occupation:
    Computer Tech/ Web Designer
    I have been hacked, and I know of some who have been hacked.
    A lot of it was through the FTP program they are using. It isn't the fault of the FTP program, but generally spyware on their computer that sees what is in the FTP program in the way of users and passwords.

    You need to run anti-spyware often and change passwords often. Make them letters and numbers, like Hgtr56Hyt8.

    Also make sure WordPress is updated. I now also have a file detection plugin running; it will alert an email address when a file has been changed,
    so if it wasn't you that changed it, then you know you have been hacked.

    Sometimes the 'system' will change a file, so if it is that way, and you know it is going to happen, you can record that file so it doesn't show up again.

    From my experience, most files that get changed are index.php files with some code in them.

    Anyway, these days we have to take all precautions.

    I manage a few different clients' WP installs, so it can be a chore, but it is worth it to stop hacking.
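The file-change detection the post above describes is a file-integrity baseline. The following is an added example, not the plugin the poster uses and not WordPress code: a Python script that hashes every file under the site root with SHA-256, stores the baseline as JSON outside the web root, and on a later run reports added, removed and modified paths. Files the site itself rewrites (the poster's "the 'system' will change a file" case) go on an allowlist and are listed separately instead of raising an alert, which is the "record that file so it doesn't show up again" step. The sample tree, the simulated compromise (code appended to index.php and a new PHP file dropped under uploads) and the allowlisted cache file are constructed for the demo.

```python
"""File-integrity baseline and diff for a WordPress tree.

Added example; it is not the "file detection plugin" the poster uses. It hashes
every file under the site root, stores the baseline as JSON, and on a later run
reports added, removed and modified paths. Allowlisted files (ones the site
rewrites itself) are reported under 'expected_changes' instead of alerting.
"""
import hashlib
import json
import os
import tempfile


def hash_file(path, chunk=1 << 16):
    """SHA-256 of a file's contents, read in chunks so large uploads are fine."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def snapshot(root):
    """Return {relative_posix_path: sha256} for every regular file under root."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # symlinks are not followed; only regular files are hashed
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            result[rel] = hash_file(full)
    return result


def save_snapshot(snap, path):
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(snap, fh, indent=1, sort_keys=True)


def load_snapshot(path):
    with open(path, "r", encoding="utf-8") as fh:
        return json.load(fh)


def diff_snapshots(baseline, current, allowlist=frozenset()):
    """Compare two snapshots. Allowlisted paths never alert; their changes are
    listed under 'expected_changes' so the operator still sees them."""
    added = sorted(p for p in current if p not in baseline and p not in allowlist)
    removed = sorted(p for p in baseline if p not in current and p not in allowlist)
    modified = sorted(p for p in current
                      if p in baseline and baseline[p] != current[p] and p not in allowlist)
    expected = sorted(p for p in allowlist if baseline.get(p) != current.get(p))
    return {"added": added, "removed": removed,
            "modified": modified, "expected_changes": expected}


# Constructed stand-in for a site root (not real WordPress files).
SAMPLE_FILES = {
    "index.php": "<?php\ndefine('WP_USE_THEMES', true);\nrequire __DIR__ . '/wp-blog-header.php';\n",
    "wp-config.php": "<?php\ndefine('DB_NAME', 'wp');\n",
    "wp-content/cache/stats.txt": "hits=1\n",
}


def build_sample_site(base):
    for rel, body in SAMPLE_FILES.items():
        full = os.path.join(base, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(body)


def demo():
    """Baseline the sample site, mutate it like normal churn plus an intrusion, diff."""
    with tempfile.TemporaryDirectory() as tmp:
        site = os.path.join(tmp, "htdocs")
        build_sample_site(site)
        baseline_path = os.path.join(tmp, "baseline.json")  # kept outside the web root
        save_snapshot(snapshot(site), baseline_path)

        # Normal churn: the site rewrites its own cache file (allowlisted below).
        with open(os.path.join(site, "wp-content", "cache", "stats.txt"), "w", encoding="utf-8") as fh:
            fh.write("hits=2\n")
        # Simulated compromise: code appended to index.php, new PHP file under uploads.
        with open(os.path.join(site, "index.php"), "a", encoding="utf-8") as fh:
            fh.write("<?php eval(base64_decode('...')); ?>\n")
        uploads = os.path.join(site, "wp-content", "uploads")
        os.makedirs(uploads)
        with open(os.path.join(uploads, "img.php"), "w", encoding="utf-8") as fh:
            fh.write("<?php @system($_GET['c']); ?>\n")

        return diff_snapshots(load_snapshot(baseline_path), snapshot(site),
                              allowlist={"wp-content/cache/stats.txt"})


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

Two points that matter in practice: the baseline has to live somewhere the web server and the FTP account cannot write, or an intruder who can drop files can also refresh the baseline; and after a legitimate WordPress or plugin update the baseline is re-taken, so the allowlist is only for files that change between updates.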
     
  14. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,468
    Likes Received:
    10,148
    Also, many times plugins you install are vulnerable to attacks. Just because everyone can write a plugin, does not mean it's safe to use.
     
    • Thanks Thanks x 1
  15. Cdman

    Cdman Power Member

    Joined:
    Jul 7, 2011
    Messages:
    608
    Likes Received:
    36
    Just wondering, if you update your version of WP on your site do you need to do loads of stuff to make it work ? Ie. update plugins, change widgets etc ?

    Also, what if your theme hasn't been updated for the latest Wordpress version? Then you are in trouble, right?
     
  16. portalweb

    portalweb Supreme Member Premium Member

    Joined:
    Jan 7, 2010
    Messages:
    1,415
    Likes Received:
    547
    Occupation:
    Hard Core Engineer
    Location:
    New York
    Glad to see this OP about WP hacks is being discussed here.

    Rep+ given to a few of you who made good suggestions here.

    Happy Holidays!
     
  17. portalweb

    portalweb Supreme Member Premium Member

    Joined:
    Jan 7, 2010
    Messages:
    1,415
    Likes Received:
    547
    Occupation:
    Hard Core Engineer
    Location:
    New York
    3rd party WP protection services are a joke. It will never work.

    Make sure you own licensed WP plugins/themes, to protect yourself. An old WP version and/or cracked WP plugins/themes will certainly guarantee the RIP impact on these WP sites.
     
  18. nonhacker

    nonhacker Regular Member

    Joined:
    Dec 26, 2008
    Messages:
    255
    Likes Received:
    64
    Occupation:
    Computer Tech/ Web Designer
    Generally you can just click a button and WP will update itself. Very rarely will a good plugin fail because of a WordPress update.

    With plugins, stick to the well-used ones, and you can get MOST through WordPress.org anyway.

    When a new update is needed for a plugin it will tell you, and once again you can click a button and it will auto-update.
     
  19. Acquisition of Money

    Acquisition of Money Registered Member

    Joined:
    Oct 9, 2011
    Messages:
    63
    Likes Received:
    7
    One of my sites was hacked earlier this year. I believe the cause was either a cracked plugin or a nulled theme I downloaded from the Internet.
     
  20. m3ownz

    m3ownz Regular Member

    Joined:
    Dec 12, 2009
    Messages:
    311
    Likes Received:
    135
    Also poorly configured shared hosting / piss-poor cPanel passwords can be a major cause.
    Just because they fucked with WordPress doesn't mean that's how they got access.

    Want proof? Search a popular hacking forum's BST for hacked cPanels; it's scary.