Support » Fixing WordPress » My blog’s been “Hacked BY iSKORPiTX; (TURKISH HACKER)”

  • Resolved minhternet

    (@minhternet)


    Hello everybody,

    My blog is http://www.minhternet.com, this afternoon it was hacked, causing every page to have a header stating “BY iSKORPiTX;

    (TURKISH HACKER)”

    You can take a look for yourself since I haven’t resolved the issue. I was running WP2.6 at the time and since the hack have upgraded to WP 2.6.5. I believe this went successfully since I was able to navigate to the wp upgrade page after wards, and after clicking it notified me that my databases were upgraded successfully. Is there anything specific other than the default instructions that I have to do to unmangle this guy’s hacking? One major challenge has been that since the hack I haven’t been able to get to my admin page – it appears I can log in, but then the admin page is blank except for the hacker’s header. I can’t recall if this page worked after the hacking but before my upgrade.

    Any help would be appreciated! Again the blog is http://www.minhternet.com

    Thanks,
    Minh

Viewing 5 replies - 1 through 5 (of 5 total)
  • I’m sorry that this has happened to you 🙁
    But read this:

    http://www.securitypronews.com/news/securitynews/spn-45-20060519IskorpitxStrikesAgain.html

    Thread Starter minhternet

    (@minhternet)

    Thanks for the condolences snez.

    I have tried uploading all of the new 2.6.5 wp files again and still no luck. From what I have determined all of the files (except in wp-content) are brand new, yet I haven’t been able to break free from the hack yet. Is there anything else I can try? I’d be happy to post any of the php files etc here if that helps with the troubleshooting.

    Thanks,
    Minh
    http://www.minhternet.com <- currently hacked site

    all my sites were hacked today by the same guy. although not all of them are wordpress sites.

    you seem to have gotten hit worse all he did to me was inject a new index.html file with “by iskorpitx” in plain text.

    wonder if it was a wordpress exploit that allowed him access to my server?

    Thread Starter minhternet

    (@minhternet)

    My host support got back to me, looks like it was a server wide issue, someone had an old Joomla script on their site that was exploited. All fixed now, kudos to Laughingsquid for the unbelievable support. Really outstanding. I recommend them highly.
    Thanks for the help guys,
    Minh

    Which hosts are you all with?

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘My blog’s been “Hacked BY iSKORPiTX; (TURKISH HACKER)”’ is closed to new replies.