Comments on: Did your WordPress site get hacked?

By: vince

vince — Wed, 17 Mar 2010 06:16:12 +0000

Ok First up.

1. I have 5 wordpress sites all got hacked into during March. The first one http://www.vincecianci.com is reported as an attack site and supposedly has malware on it. The google message appears upon trying to load the site. The same thing has happened on my other sites too.

2. I cant access ANY of my sites though the standard wordpress login page as If my own passwords have been changed.

3. I am not tech savy at all. I checked most of my files on each of the 5 wordpress sites and it appears ok to me but what do I know. I have zero php, ftp experience. My hosting provider GoDaddy cant do anything so I feel I am out of options.

Any ideas here guys??

Vince.

By: Faith

Faith — Fri, 12 Mar 2010 10:24:05 +0000

I use WPMU and Love WordPress !! I Had 13 sites totaling 4000+ “Real”members,and with in a few hours I had 10,000+Fake members all mixed in !And no sites ! most of the Fake blogs and user emails I noticed (later) were short first name sounding and all had numbers ending that short name, like saally272645343 had matching emails like saally272645343@whateverfake.com
I Also found a theme with files all cute and pretty :{ with images labeled as alott of the codes you mention above, theme was named flavour-extended-png in the themes folder, I am almost sure it is infected.Thank you for all the help wordpress world

Keep the Faith

By: Cenay : Blogging Coach

Cenay : Blogging Coach — Fri, 12 Mar 2010 09:19:15 +0000

I wanted to mention a couple of plugins that can really help keep your blog protected, especially to all you non-coding webmasters…

One is called Wordpress Firewall. It basically protects your Wordpress software from attempts to login, hack passwords or use the query strings to inject code or look for weaknesses. Pro’s: Closes another door or two in the face of hackers. Con’s: Have to ensure your current IP address is listed so you can edit your blog. (Check out whatismyip.com to find it)

Another is Wordpress Antivirus. This basically scans your theme files for injected type code. Tho not full proof, it does add another layer of possible protection.

I also use Wordpress Scanner to scan my installation for security holes.

Just Google any of these names and the word “wordpress” or “plugin” at the same time.

And remember, the safety of your blog and your visitors is in your hands… get proactive.

By: VC

VC — Tue, 09 Mar 2010 16:37:29 +0000

very helpful, thanks! THis beats the mindless and annoying task of reloading everything!

By: Gaylea

Gaylea — Mon, 08 Mar 2010 15:01:38 +0000

Hi Donnoha,
You’ve given really great information here and I will definitely apply it. I only have one problem: cant even get into the back end of my blog!! Do you have any suggestions?

When i try to go in with firefox, my antivirus comes up with the Mal/iframe-f If i try to go in with IE it doesnt let me even get near the blog front end or backend.

once i log in with firefox – everything goes to a white screen and hangs. Had googled and tried to find out what to do but your information is more extensive. do you ever do paid work?

(coz I am at my wits end and i dont have enough knowledge of php to know what to delete and what not to)

i have upgraded, added exploit, have manually looked through files for obvious iframes (didnt look for the rest of the code you’ve revealed here though).
have downloaded, scanned for malware with 5 different programs, have deleted users, changed passwords, and stood on my head with this thing !!!

any advice is appreciated

Please let me know about the paid thing

Thanks
Gaylea

By: Good to be back! | John Arroyo

Good to be back! | John Arroyo — Sun, 28 Feb 2010 23:25:50 +0000

[...] http://ocaoimh.ie/did-your-wordpress-site-get-hacked/ [...]

By: Unhacking your Wordpress installation | Tongfamily Website

Unhacking your Wordpress installation | Tongfamily Website — Tue, 23 Feb 2010 21:31:26 +0000

[...] Did your Wordpress Site get hacked is a good pointer to fixing things. It is pretty insidious what can happened: [...]

By: How I Remove Trojan.Script.Iframer in My Wordpress Blog That Sends Away My Visitors

Sun, 14 Feb 2010 01:04:20 +0000

[...] http://ocaoimh.ie/did-your-wordpress-site-get-hacked/ http://forum.kaspersky.com/lofiversion/index.php/t104035.html [...]

By: My WordPress Installation Hacked on Netfirms

My WordPress Installation Hacked on Netfirms — Mon, 08 Feb 2010 09:13:17 +0000

[...] as well go all the way and have longer (and more complicated) passwords created. Good References http://ocaoimh.ie/did-your-wordpress-site-get-hacked/ http://enthusiasm.cozy.org/archives/2010/01/argh-blog-hacked [...]

By: phpdude

phpdude — Sun, 07 Feb 2010 23:29:39 +0000

i have been hacked too

at this year july … bull shit! fucking hackers!