Hackek By eXploit-1307 (5 posts)

  1. mcfpcmasr
    Posted 3 years ago #


    I just been hacked by a hacker named "missoum said", his email is y@th3pro.com and here is how i could see it.

    First of all I received an email from WordPress telling me that I had a new user registered. Checking it in the admin panel, I could see that he was registered as an "Administrator"

    I then received an email from "Missoum Özil" (email missoumozil@gmail.com) saying:

    "Si vous ne me payez pas 20 $ €, va fermer votre site If you do not pay me $ 20 €, i will close your site shell of hack http://www.mydomainname.com/madspotshell.php"

    Checking on my FTP where I host 3 differents wordpress blogs I could see that he had uploaded 2 files on the first blog: the file madspotshell.php and a file DZ.txt where it's written "Hackek By eXploit-1307"
    And on the 2 other blogs I could only find the DZ.txt file

    How can I do to protect myself? Is he dangerous? How could he do it? What are the security tips you advise me? It seems that he's waiting for me to pay before killing my sites. Has anyone experimented the same situation ?

    many thanx for your help, I'm desperate

  2. mcfpcmasr
    Posted 3 years ago #

    Thank you Chris i'm going to check out your links

  3. odoremieux
    Posted 3 years ago #

    You need to do regular backups and store them in a safe place. Another place than your site.

    Is your site up to date?
    What about your plugins or themes?

    Olivier [signature moderated]

  4. mcfpcmasr
    Posted 3 years ago #

    Thank you for your answer odoremieux: actually now my wordpress version wasn't the last one and my plugins weren't updated either. It's among the first things I did afterwards, changing the admin password to a more complicated one (I also changed the "admin" login into another one)

    What about those plugins:
    - http://wordpress.org/extend/plugins/exploit-scanner/
    - http://wordpress.org/extend/plugins/secure-wordpress/

    would you recommend them?`


Topic Closed

This topic has been closed to new replies.

About this Topic