WordPress.org

Forums

[resolved] Hacked by iSKORPiTX (7 posts)

  1. andyhoyland
    Member
    Posted 6 years ago #

    Hi there people.

    I have searched codex and google for help on this but I can't seem to find any answers. Recently my site was hacked by iSKORPiTX - he's a Turkish hacker who broke some records a few years back.

    You can see the result of his work on one of my wordpress sites:
    '<edited>'

    Now - it's only showing on posts given the category "podcast" but whenever I try to view them I get a black page and the message "Hacked by iSKORPiTX". I have checked and reinstalled version 2.6.1 of WordPress, reinstalled the theme and had a look through my database and I can't find any reference to this.

    I knowm, through Google, that the previous bout of hacking by iSKORPiTX was done via a weakness in GoDaddy's security or something like that so I contacted my hosts and they said they didn't know anything about it and couldn't offer support as "unfortunately many PHP/SQL based scripts in wide use on the web are not as secure as they should be and many are vulnerable to attack and SQL injections" and then suggested I contact my scripts author and let them know...

    Anyone seen anything similar, or know what I should do!

    Sorry if there isn't enough information here - please do ask for more if you need it! Thanks in advance.

    Andy.

  2. andyhoyland
    Member
    Posted 6 years ago #

    Rubbish - I'm really sorry - I replaced my theme and my install but didn't clear my cache!

    Replacing the category template resolved the issue.

    However - if any one has any tips on how this happened I would appreciate them - and also - should I now change all my passwords and things?!

    Thanks again and sorry I didn't do the basic.

    I'll change the issue to resolved if anyone gives me tips of security!!

    Byeeeeeeeee.
    Andy.

  3. libralion
    Member
    Posted 6 years ago #

    Uploading your files again maybe? I certainly would remove your site, since there is no need to let this be on the intenet any longer.
    Good luck!

  4. andyhoyland
    Member
    Posted 6 years ago #

    Thanks! I'll certainly do that - by remove my site did you mean remove the url from my orginal post?

    Thanks again...

    Andy.

  5. Kent Reichborn-Kjennerud
    Member
    Posted 6 years ago #

    Pleas give me any relevant information on this 1iSKORPiTX. He is an extreme Muslim, and I want to take him down. His situated in Norway.

    In advance thanks
    Kent Reichborn-Kjennerud

  6. thisisedie
    Member
    Posted 6 years ago #

    Extreme Muslims spend their time hacking WordPress?

  7. Greenspan
    Member
    Posted 6 years ago #

    Kent,

    Might help you with this prick iSKORPiTX. He also ruined my site.

    Check this out
    Cpanel for the site of where e is hosting some details
    https://mavi1.org:2083/login/

    Also what I found strange is that he seems to be using a hosting service from Thailand.

    http://www.mavi1.org / http://www.who.is/whois-org/ip-address/mavi1.org/
    http://www.mavi1.org/forum
    http://www.siyamiozkan.com.tr / http://www.who.is/whois-tr/ip-address/siyamiozkan.com.tr/

    I am beginning to see that he is aware of how to exploit cpanel where then replaces all of the index.html or index.php with his own.

    If I where to have 5 or 6 of the sites that he exploited I guess that the majority use cpanel http://www.cpanel.net/index.html.

    This is just a hunch.

    Regards
    Greenspan

Topic Closed

This topic has been closed to new replies.

About this Topic