[resolved] Follow Me On Twitter HACK (corrupts WordPress) (3 posts)

  1. jmacofearth
    Posted 4 years ago #

    A clients wordpress sight was hacked. A large images that said "Follow Me On Twitter" and twitter.com/andreapernici" was replacing all the images on the site.

    Looks like the user got access via hacking an admin account.

    The problem is, how ever he rigged the system, the images in the wordpress interface are also corrupted with this twitter image, stretched to many sizes. It's chopping up the interface, the WSYWIG buttons.

    I have deleted all the files and begun a fresh instal of 3.01, but the corrupted source images are even in the initial installing processes. Before the site is created I can see pieced of the twitter image inside the buttons.

    Any help, or points to places where I can clear this out.

    Where are those bitmaps for the WP interface held? And if I have done a clean install how are they still there?

    Most of my WP sites are fine. But this one is a mess.



  2. James Huff
    Volunteer Moderator
    Posted 4 years ago #

    Try downloading WordPress again and delete then replace your copies of everything except the wp-config.php file and the /wp-content/ directory with fresh copies from the download. This will effectively replace all of your core files without damaging your content and settings. Some uploaders tend to be unreliable when overwriting files, so don't forget to delete the original files before replacing them.

    You may need to delete and replace your files in /wp-content/ too, but start with this first.

    Don't forget to clear your browser's cache.

  3. jmacofearth
    Posted 4 years ago #

    This same attack happened on another blog I host. And installing the Bulletproof Security plugin, all was fixed. Going to give the plug-in a high rating.



Topic Closed

This topic has been closed to new replies.

About this Topic