• Hi,

    Two of my client’s websites were hacked today with just a post added to their site with the title ‘Hacked By SA3D HaCk3D’. I did a search for this on Google and dozen of results come back with the same post title of other sites with the same injected post.

    As far as I know my client’s sites are secure with tried and tested plugins etc. and because of the amount of sites with the same posts this makes me think it’s a WordPress security issue? Has anyone else had the same issue and has the vulnerability been found as would love to know what caused this?


    Jim Isles

Viewing 5 replies - 16 through 20 (of 20 total)
  • Just got a clients site hit myself.
    Was pretty up-to-date with everything, they seem to be hammering this exploit.

    I think I’ve found the exploit the Skiddies are hammering:

    @logankipp, Very strange that I’ve never noticed and have even moved hosts and they didn’t notice before. These two sites that I have were actually hacked very early in their creation back in 2019 & 2016… Or are they adding these dates? They were just updated in the last few days. So, I can’t restore older versions as it would be impossible to rebuild quickly enough. Speaking with Securi and told that these are very difficult to remove and they are serious. However, I don’t see anything wrong on the site. How do I know to trust what needs to be done and what real damage is being done? I mean, can it wait two weeks or do I need to be seriously concerned? One is a membership site, so not just me involved. Can I simply remove the posts? Neither of these sites have a blog so no one sees these, but still… TIA! (Also Hacked by unknown one one site and Hacked by HolaKo on the other, both with the SA3D.)

    @leapfrogva, the SA3D hack emerged around February 1st of this year and edits existing posts, so what appears to be an “old” hack is actually quite fresh. If you have a database backup from January, it is most likely defacement-free. You could simply remove these posts, but keep in mind that they did overwrite one of your actual posts, so something is probably going to be missing.

    @logankipp, Thank you! I do have one just a few days before for both sites! I’ll do that. I appreciate your time!

    • This reply was modified 6 years, 7 months ago by leapfrogva.

    @leapfrogva you’re very welcome!

Viewing 5 replies - 16 through 20 (of 20 total)
  • The topic ‘Hacked’ is closed to new replies.