Forums

WordPress › Support » How-To and Troubleshooting

site hack -- deleted wp_posts and wp_users (3 posts)

  1. TomJohnson
    Member
    Posted 2 months ago #

    One of my client's sites was hacked, I believe. I just checked it and didn't see any content appearing. I tried logging in but couldn't. I looked in the database via phpmyadmin and saw that the tables wp_posts and wp_users were missing.

    He had 2.8.4 -- the latest version of WordPress. To fix the hack, I manually upgraded the site to reinstall 2.8.4, but it didn't fix it. So I imported a backup of the database to restore the site.

    I know there's a worm going around. But I thought signs of infection included a bunch of spam embedded in your posts, not total post deletion. I also thought sites with 2.8.4 were safe.

    Has anyone else experienced a hack like this? Is it possible to delete these mysql tables from the dashboard area? Did someone hack into my server and access phpmyadmin?

  2. samboll
    moderator
    Posted 2 months ago #

    I also thought sites with 2.8.4 were safe.

    not if the back door hack was brought along with the upgrade to 2.8.4

    until all files and db are cleaned it can always come back
    read the sticky about the hack going around for help
    http://wordpress.org/support/topic/307660?replies=1

  3. TomJohnson
    Member
    Posted 2 months ago #

    Wow, it happened again. The thing is, it's not as if someone is inserting malicious code into the posts. All the posts are simply gone, as well as the users. So I can't log in. All I see is a blank blog with the default template. No signs of another user or spam in the posts. I have to figure out what's going on. Is there another type of hack where the hacker just deletes your posts and users?

Reply

You must log in to post.

About this Topic

Tags