WordPress.org

Support

Support » How-To and Troubleshooting » Seriosu security issue

Seriosu security issue

  • Awoke I this morning to the gloomy realisation that some Ukrainian aholes have hacked my WordPress site.

    I don’t know how they did this, but I can’t get into my admin area and I can’t seem to find the installation in my host’s Fantastico panel. It’s disappeared.

    This is a huge concern for me because I thought I had finally found a CMS that I could work with safely. I’m not all that clued up on networking and security so I would really appreciate some assistance.

    I’m not going to post my URL here (for fear of further hacks) but I can say that when I type it in I am getting this error:

    Warning: Cannot modify header information – headers already sent by (output started at /home/XXXXX/public_html/XXXXX/cms/index.php:11) in /home/XXXXX/public_html/XXXXX/cms/wp-includes/functions.php on line 1450
    Error establishing a database connection

    The browser is also trying to get info from the following place: http://ccfelomvhk.com but timing out.

    How did this happen? How can I fix it & how can I prevent it from happening again?

Viewing 4 replies - 1 through 4 (of 4 total)
  • What version of Wordress was your site using? It’s an “arms race” kind of situation at work here:

    The popularity of WordPress, and the *huge* number of blogs running it, makes it extremely attractive to black-hat vandals. The WordPress community generally reacts very quickly to a reported exploit, and releases updated code to close the hole, but many users *do not upgrade*, and therefore continue to run blogs with code that has known weakness for these guys to attack.

    You *must* stay on top of the upgrade process to minimize the risk of your site being exploited.

    I was running 2.3.3 (I think?). It was the version just before 2.5 that came out about a week after I installed.

    Thankfully I didn’t have too much data in there but it pains me to have to start again. At least my theme modifications I have backed up, so that was my main “investment”.

    They also got into my Coppermine installation and screwed that up beyond recognition.

    Has anyone else had break-ins with 2.3.3? What do I need to do to try and restore it?

    whooami

    @whooami

    Member

    it was your coppermine install that was prolly the source of the problem. if you search ….

    http://www.google.com/search?hl=en&q=ccfelomvhk.com+coppermine&btnG=Google+Search

    This is a huge concern for me because I thought I had finally found a CMS…

    did you do *any* research before jumping on the “my wp has been hacked” bandwagon? Its hard enough to deal with legitimate WP problems, we dont need coppermine’s as well.

    Yes, I did. I immediately thought it might be Coppermine because I have been getting a lot of reggies on there recently that were trying to post spam.

    However, if it was Coppermine, how did it manage to screw up my WP installation? What am I not understanding?

    Please realise that not everybody is a web developer. We use this Open Source stuff because we can’t develop it on our own.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Seriosu security issue’ is closed to new replies.
Skip to toolbar