WordPress.org

Ready to get started?Download WordPress

Forums

Hacked By Georgian Hackers (8 posts)

  1. siggma
    Member
    Posted 6 years ago #

    This must be a new thing cause I see no other references to it at all. My wordpress has been hacked. The Index.php contains Georgian Hackers code that apparently failed with a "500 Internal Server error" at first but now it's been hacked. If there is an official place to report this, I didn't see it.

  2. Joni
    Member
    Posted 6 years ago #

    Make sure you notify your web host about this breach in security. There has been quite a bit of hackery going on with regard to an xmlrpc exploit and the advice is to just kill the file (it's in the wp root). Don't know if that was the method of ingress in your case tho.

  3. Len
    Member
    Posted 6 years ago #

    Contact security@wordpress.org with any info you may have such as server logs etc.

  4. siggma
    Member
    Posted 6 years ago #

    Thanks, I removed the file mentioned so it's not usable. Thanks for the information. I sent email to the address above.

  5. Ryan Boren
    WordPress Dev
    Posted 6 years ago #

    Some of the log files I've seen look like someone logged in via wp-login.php, changed some files via templates.php, and changed some options via options-general.php. Looks like they just logged in with the proper username and password. Changing the passwords for all users on your blog would be a good idea. If you've been hacked, check your options in Options->General, your /index.php file, and all of your theme files for tampering.

  6. Ryan Boren
    WordPress Dev
    Posted 6 years ago #

    Those of you who were hacked, what host are you on?

  7. Ryan Boren
    WordPress Dev
    Posted 6 years ago #

    Several of those hacked are using the wp-forum plugin, which has a vulnerability that is being actively exploited.

    http://www.frsirt.com/english/advisories/2008/0235

  8. whooami
    Member
    Posted 6 years ago #

    ryan,

    you can take the horse to the water but you cant make it drink :(

    http://wordpress.org/support/topic/154770?replies=5

    (On a completely unrelated note, bentram left a comment on my site that he was adding a link to my site inside a trac ticket that relates to the xmlrpc issue.. delete the link please when you come across it. matt is already aware of whats on my site)

Topic Closed

This topic has been closed to new replies.

About this Topic