Stats file hack | WordPress.org

trinitywebhosting
(@trinitywebhosting)

14 years, 1 month ago

I work with a number of WordPress sites. Two sites – artsonetheave.org and lookingcloser.org — have recently been hacked via the stats file. In one the stats file was in wp-admin and in the other it was in wp-includes. The hack creates HTML in this file which points to a Viagra site. Then that HTML shows up in Google when people search for the site and in Facebook when people put the site in the Post link box. It has re-occurred on one of the sites. Have you seen this before, and is there something I can do to stop it re-occurring? I’ve searched for threads on google about it, but I can’t find anything.

Thanks,
Sam Drew

Viewing 2 replies - 1 through 2 (of 2 total)

Gary Barrett
(@gary-barrett)

14 years, 1 month ago

Did it have a similar effects as this – http://wordcast.bitwiremedia.com/2010/03/05/wordpress-hack-cloakes-itself-to-all-but-search-engines/

Rev. Voodoo
(@rvoodoo)

14 years, 1 month ago

pretty much, hacks are hacks. They may look or act differently, but you are really looking for a lot of the same stuff. Heres some reading:

http://codex.wordpress.org/FAQ_My_site_was_hacked
http://ocaoimh.ie/did-your-wordpress-site-get-hacked/
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://www.snipe.net/2010/01/when-wordpress-gets-hacked/

My Experiences with being hacked:
http://www.rvoodoo.com/2010/02/the-dreaded-base64-wordpress-hack-and-other-hacks-too/

And when you’re done:
http://codex.wordpress.org/Hardening_WordPress

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Stats file hack’ is closed to new replies.

In: Plugins
2 replies
3 participants
Last reply from: Rev. Voodoo
Last activity: 14 years, 1 month ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics