WordPress.org

Ready to get started?Download WordPress

Forums

@gmail.com Administrator Accounts Hack? (2 posts)

  1. Drew Baker
    Member
    Posted 4 years ago #

    Hey Guys,
    So today I noticed I had 6 more administrator accounts in WordPress than I'm supposed to have!

    At first I thought someone in our company had mistakenly setup some accounts, but I asked around and no one had. Then I noticed that all these new accounts had a similar naming convention. Here are the unknown account details:

    AidenD
    AidenD@gmail.com
    
    AlexisB
    AlexisB@gmail.com
    
    AlexT
    AlexT@gmail.com 
    
    BaileyK
    BaileyK@gmail.com
    
    ColtonM
    ColtonM@gmail.com
    
    DylanB
    DylanB@gmail.com

    I think my site was compromised. I've been running 3.0.1 since it came out, but this could have happened before an upgrade in the past. I've gone through the user registration emails, and none of these names came through (which makes me even more suspicious).

    My site (www.popmag.com.au) hasn't shown any unintended results, so I don't think we have been attacked, but we have been compromised.

    At the moment I've bumped all suspect users down to Subscribers pending my investigation.

    Any ideas? Have you heard of this before?

    Thanks,
    Drew

  2. esmi
    Forum Moderator
    Posted 4 years ago #

Topic Closed

This topic has been closed to new replies.

About this Topic