WordPress.org

Ready to get started?Download WordPress

Forums

WP 2.5.1 Site Hacked -- New Admin User, New Posts, Corrupt WP_Options Database (5 posts)

  1. TomJohnson
    Member
    Posted 6 years ago #

    Someone hacked into my WordPress 2.5.1 site today. When I went to the site, I saw the install screen. I went into the database via control panel and noticed that wp_options was broken. I repaired the database from cpanel and it fixed wp-options, allowing me to see my site again. (I hadn't been installing anything new or upgrading.)

    There were about 30 new "Hello World" and "About" posts. I deleted them. In the Users panel, there was a new admin user with the email
    mdburke@maine.edu.

    I'm a little concerned about this because I'm not sure how the hacker got in. Through WordPress or through my web host? Also, although it was annoying to find this, it was relatively easy to repair.

    Does this mean 2.5.1 has a security vulnerability, or was my password not strong enough, or did the hacker come in through my web host?

  2. TomJohnson
    Member
    Posted 6 years ago #

    This post describes a similar experience.

  3. whooami
    Member
    Posted 6 years ago #

    mdburke@maine.edu is googlable too, and sure doesnt look like a hacker - honors student (very odd)

    If you have your apache logs for the last day or 2 available, i would love to take a look at them. mind you they wont show much beyond files accessed, but im the curious type.

    If you dont mind, and you have them available, could you please zip them up and send to whoo (AT) village-idiot (dot) org ? thanks

  4. TomJohnson
    Member
    Posted 6 years ago #

    Sure, I'll send them to you. Thanks.

  5. whooami
    Member
    Posted 6 years ago #

    your logs were very interesting, to say the least. I'll send you an email

Topic Closed

This topic has been closed to new replies.

About this Topic