WordPress.org

Ready to get started?Download WordPress

Forums

Heads Up re Hack (7 posts)

  1. mythusmage
    Member
    Posted 5 years ago #

    A Russian website is planting links to its site in blog posts. The place is http://www.sibresource.ru, which is in Russian. The apparent IP is 217.112.37.32, which I recommend one do an IP ban on.

    If you have any information on the site, please pass this on to Akismet and other spam blocking plugin authors. Also pass on this information to the party hosting your blog.

  2. jonathanedwards
    Member
    Posted 5 years ago #

    I just got hacked by that site too. My latest blog post was largely deleted and replaced with:

    <font style="position: absolute;overflow: hidden;height: 0;width: 0"><a href="http://www.sibresource.ru/">ландшафт</a></font>

    Any idea how this happens? What do I need to change to plug this hole? Thanks.

  3. Roy
    Member
    Posted 5 years ago #

    You're both on 2.6? Since when? Any plugins in use with known vulnerabilities? Are you on a dedicated or shared server?

  4. jonathanedwards
    Member
    Posted 5 years ago #

    I am on 2.6, since shortly after its release. Only plugins are Akismet and WordPress.com stats. Shared server (Dreamhost).

  5. Roy
    Member
    Posted 5 years ago #

    That's not good news. Hopefully you fell victim to another insecure website on the same server.
    Did you check error logs, etc. to find out how they came in? I'm no real expert on the matter, but if this is a 2.6 matter it concerns us all. If you DO have experience with tracking holes and hacks, I suggest you gatter as much information as possible and email it to security@wordpress.org.

  6. psybertron
    Member
    Posted 5 years ago #

    I have been having problems with large numbers iof Russian / Cyrillic spam getting past Akismet. This would just be a nuisance EXCEPT ...

    At least once the spam seemed to replace an existing legitimate comment and deletion of the spam deleted the legitimate comment too.

    (I'm version 2.7)

  7. Alex Shiels
    Member
    Posted 5 years ago #

    psybertron, please contact Akismet support with any information you remember about that comment.

    http://akismet.com/contact/

Topic Closed

This topic has been closed to new replies.

About this Topic