Title: Cyber War Last modified: August 31, 2016 --- # Cyber War * [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/) * Google tells me that WordPress is the oldest blog with the most pristine technicians. I would like to believe this. Unfortunately, my WordPress sites have recently been hacked by Black Hats. How is this possible? My hosting provider suspended one of my accounts today as a result of criminal hacking activity. Also, another of my sites based on CubeCart recently failed due to hacking and security issues with recent upgrades. Please don’t ask me about CubeCart support and their customer service / communication! If the internet is so vulnerable, what would happen if the hackers took it down? Who is identifying these hackers and their IP addresses? Why are responsible websites being penalised by their hosting providers and Google for the actions of criminals? I think I need to forget WordPress and go back to old school websites that never fail. Viewing 14 replies - 1 through 14 (of 14 total) * [Andrew Nevins](https://wordpress.org/support/users/anevins/) * (@anevins) * WCLDN 2018 Contributor | Volunteer support * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426422) * I’m sorry you were hacked, but can you clarify whether you’re asking rhetorical questions or are genuinely looking for support? * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426423) * At this stage my questions are rhetorical but I am looking for answers. I cannot understand why my WordPress sites including the one that crashed today are being hacked. Another WordPress site has run out of bandwidth so I assume it is also being hacked. A third site with a CubeCart site has also crashed due to hacking and possibly coding issues with recent upgrades (not your problem but also a recent issue). All these sites have been online for years without any issues. Meanwhile my old school websites are running perfectly without any hacking issues. I am wondering if the hackers are winning the war. * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426425) * Here is the response from our hosting provider after our account was suspended without prior notice: * It’s not possible to provide prior notifications for issues like these. The account had attempted to send out out 845 emails (in less than 15 minutes) before our monitors were alerted. If the account is not suspended, the spamming will continue. After suspending the account, I have had a chance to investigate the spam. The spams originated from the following folder ‘/home/xxxx/public_html/wp-content/ plugins/custom-contact-forms/bower_components’ The malware file in there ini24. php, was uploaded in September 2015 * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426426) * Looking forward to your response. * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426427) * Installations get compromised for a variety of reasons. - Code isn’t maintained meaning WordPress, plugins or themes and vulnerable code was exploited - Additional code on the same server is exploited - Passwords are obtained (many ways for that to happen) - Your host runs vulnerable code on the same server * You get the idea. When someone’s site is compromised this is the typical reply posted. * > Please remain calm and carefully follow [this guide](https://codex.wordpress.org/FAQ_My_site_was_hacked). > When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://codex.wordpress.org/Hardening_WordPress). * Once you’ve successfully deloused your server then hardening your WordPress would not be a bad idea and those links can help you get that going. * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426429) * Thank you. I will read your instructions but the point is that our cPanels were compromised by loading WP on our sites and Black Hat hacking through the back door. This has never happened before and we have other non-WP sites that have been online for many years. Our eBay sites and PayPal have also been compromised, along with our online reputation! WP needs to address security issues. Over and out. Not calm at all! * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426431) * OK, this may sound odd and please don’t react badly when you read my reply. Emphasis added by me. * > Thank you. I will read your instructions but the point is that **our cPanels > were compromised by loading WP on our sites and Black Hat hacking through the > back door.** * Not exactly. Your cPanel was not compromised because of core WordPress. It may have been due to a plugin or theme or add-on but unless you were running a very outdated version of WordPress then that was not the vector you were compromised by. * Here’s how I know: WordPress and cPanel go hand in hand on so many hosted sites( I’ve never used it but I’m told that I’m “odd”). Had WordPress been the method of compromising your site then so many people would be reporting that. That would be a HUGE event and people who compromise sites are not known for their restraint. * Your site was definitely compromised and delousing your site will be a challenge. It’s not easy and requires you to save all your files and your complete database and then burn everything to the ground. * If you can identify the vector then fantastic. But more often than not people are unable to definitely find it. If it keeps happening despite your efforts then a new host provider may be needed. * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426435) * Okay, it is very late in Australia so I am sure you will understand that I am going to sleep soon, which is why I replied ‘Over and out’ (old and reliable radio technology) in my last post. Not reacting badly at all but looking for answers! My cPanel was absolutely compromised by WP security issues. Please read previous posts. All plugins are downloadable via the WP admin panel. Therefore, WP is recommending and approving the plugins. How on earth can anyone access the cPanel if not through a back door in WP? My WP is up-to-date. In the meantime my FTP is blocked, my website is blocked, my emails were blocked (although we have managed to resolve this through forwarding), my eBay account was affected, my PayPal was affected and my online reputation is in jeopardy. Let’s go back to the original question. Are the Black Hat hackers winning and what is WP doing to combat this? * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426436) * Also, why has my original topic been edited and changed? This is about a Cyber War! * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426440) * Sleep is good BTW. 😉 My Dad was into ham radios and I like the terminology. * The title was changed because it was misleading and incorrect. It was also in the wrong forum and moved to the right place. That’s not what “Hacks” is for. Hacks is for coding questions, not compromised site issues. * [https://wordpress.org/support/topic/please-use-how-to-and-troubleshooting-for-compromised-websites?replies=1](https://wordpress.org/support/topic/please-use-how-to-and-troubleshooting-for-compromised-websites?replies=1) * > My cPanel was absolutely compromised by WP security issues. Please read previous > posts. All plugins are downloadable via the WP admin panel. * Your site was compromised and yes, I did read your posts. It happens but you need to fix your site. It’s not that WordPress has a problem and you need to focus on your site. That’s as plainly as I can put it. * > Are the Black Hat hackers winning and what is WP doing to combat this? * No, they are not winning and the WordPress development cycle has a huge eye on keeping the code secure and maintaining good coding practices. * [https://wordpress.org/about/security/](https://wordpress.org/about/security/) * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426456) * Okay, one more try before going to bed. It is great that you think the Black Hat hackers are not winning but I think they are. Let me share with you my telephone conversations with Google experts. Google advised me that WP was the oldest and most pristine website in the world with the top technical specialists. So, I am not being critical but the WP team is not recently “keeping the code secure and maintaining good coding practices” – see previous posts regarding the crashing of at least one and possibly more of my websites. This is the problem. I am glad that your “Dad was into ham radios and (you) like the terminology” and I hope you learned from him because if the internet crashes (young technology), this may be the only reliable technology available for communication. If WP cannot improve its security, what can we expect? I don’t think I am being paranoid and I have been working on the Internet since its inception. * Thread Starter [clamor](https://wordpress.org/support/users/clamor/) * (@clamor) * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426457) * Also the title was not misleading and it was absolutely correct. I think the change of title was deliberately designed to shut the conversation down. Can it please be changed back? In the interests of a transparent debate. * [Andrew Nevins](https://wordpress.org/support/users/anevins/) * (@anevins) * WCLDN 2018 Contributor | Volunteer support * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426492) * Are you sure you’re using WordPress as distributed on WordPress.org? This is software that is built, maintained and supported by volunteers as an open source project. What the guys at Google told you doesn’t match that. * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426494) * I’ve changed the title back but _it is a misleading topic title_ and doesn’t address your problem. * There’s no debate to be had. WordPress takes security seriously and has for many years. * Again, it’s not “WordPress” that was compromised. Your site was. I hope you get your problem sorted out but please don’t try to make this topic into some debate. You have a more immediate problem to deal with. Viewing 14 replies - 1 through 14 (of 14 total) The topic ‘Cyber War’ is closed to new replies. ## Tags * [Activity](https://wordpress.org/support/topic-tag/activity/) * [hacking](https://wordpress.org/support/topic-tag/hacking/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 14 replies * 3 participants * Last reply from: [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * Last activity: [9 years, 11 months ago](https://wordpress.org/support/topic/cyber-war/#post-7426494) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics