actually the blog in your profile is at 2.6.2
do you have another?
That post was probably from before I updgraded.
There’s a chance there’s an older install of WP on the server somewhere. Is it possible if someone hacks an older version of WP on the same server, that they could gain access to newer versions?
http://www.56weeks.com/
this one is 2.6.2
and yes – if you can gain server access, you can go about where you want to
One t, or two, in their name? Maybe there are hackers hacking the hackers!!! Just kidding. If the spelling is actually “Pitbull Clan”, you appear to be in very sparse company for the time being, if google is any indicator.
http://www.google.com/search?hl=en&q=%22Hacked+by+Pitbull+Clan%22&btnG=Google+Search&aq=f&oq=
without quotes,
http://www.google.com/search?hl=en&q=Hacked+by+Pitbull+Clan&btnG=Search
I would start by actually looking inside your directories for files that don’t belong. What’s in index.php at this point? Check upload directories first. Then check your user database for users that don’t belong there. Especially admin accounts. Any helpful info in your log files?
Looks like they may have gained access to a photobucket user account (or just decided to use someone elses existing images) for a place to put their “hacker” logo images. Bottom row, here;
http://s175.photobucket.com/albums/w148/1001Design/Pitbull/?start=20
anything look familiar?
It doesn’t seem like they gained access to my entire server, because it was only sites running wordpress that were affected, and there are many, many other sites on there. I’ve removed the older versions of WP on the system. What else should I do?
Still it doesn’t look like a WordPress exploit.
What you should do is contact your hosting provider and have them investigate the issue.
Check your own computer for viruses and spyware and then change all server passwords.
Then remove all suspicious files from your server and harden access permissions for the rest files.
As a bonus: http://codex.wordpress.org/Hardening_WordPress
