WordPress.org

Ready to get started?Download WordPress

Forums

I've been hacked-- some way to tell when? (3 posts)

  1. thebadastronomer
    Member
    Posted 7 years ago #

    Hi-

    Checking my incoming links, I saw some rather naughty words people were using to find my blog. Given that it's a science blog, and family friendly, I was suspicious!

    I've been hacked. Someone inserted code into many of my pages (not sure how many yet) with links to dirty sites. Here's the code:

    <div style='position:absolute; top:-5000px; left:-3000px'>
    <a href=www.unc.edu/~zito/worklog/?p=5>.</a><a href=www.unc.edu/~zito/worklog/?p=4>.</a>
    <a href=http://powergolflink.com/TimeLeft3/Tmp/nude-teens-free.html>.</a><a href=http://powergolflink.com/TimeLeft3/Tmp/nonude-teens.html>.</a><a h
    </div>

    I have deleted many many links from that list (there were maybe 40), since you get the idea.

    I don't know when this happened; I just upgraded to 2.0.x a week ago, so it may have been before that.

    Is there some way to know when this may have been inserted into my content (note the offsets in the first line; the bad stuff doesn't display, so someone may have been going for pagerank here).

    Also, is there some way to bulk delete it from my database? Going through dozens of posts will be a pain.

  2. Doodlebee
    Member
    Posted 7 years ago #

    You could look at your access logs...

  3. thebadastronomer
    Member
    Posted 7 years ago #

    Update-- there were roughly 30 posts, so I went ahead and edited them all. I'm clean now.

    The newest one was hacked some weeks ago, so going through the access logs is out. I'll keep an eye open to see if it happens again, but I do suspect this was from a hole in the 2.0.x security.

Topic Closed

This topic has been closed to new replies.

About this Topic