WordPress.org

Forums

Site Hacked (9 posts)

  1. gregorsmith
    Member
    Posted 9 years ago #

    Just a heads up to everyone running WP1.5.2, but I woke up this morning to find this post on my site

    <img src='http://www.scamcity.co.uk/journal/images/hacked.gif' alt='Hacked Screenshot' />

    Obviously they are exploiting some security flaw in WP, does anyone know of anything?

  2. Mark (podz)
    Support Maven
    Posted 9 years ago #

    There was a known issue as this prompted the release of 1.5.2
    Hopefully they did no other damage ?

  3. gregorsmith
    Member
    Posted 9 years ago #

    No, just this one post, thankfully... still a bit of a violation though

  4. Pizdin Dim
    Member
    Posted 9 years ago #

    Were you running 1.5.2 at the time? I thought that release was for supposed to prevent that?

  5. gregorsmith
    Member
    Posted 9 years ago #

    Yes, I was running 1.5.2 at the time

  6. skippy
    Member
    Posted 9 years ago #

    Are you sure they didn't just guess your admin password?

    Do you have any web server logs to help verify the claim ?

  7. Mark (podz)
    Support Maven
    Posted 9 years ago #

    The original post said 1.5.1.3 ?

  8. Joni
    Member
    Posted 9 years ago #

    I'm concerned about their kudos to irvirus.com. "IR" -- there was a 150GB MPEG file placed in a ".cron" folder on my web design site and there were many references to "iroffer" in it. Wonder if it's the same bunch? Some on this board surmised my host may have been "rooted." Might that have happened to you? In that case, WP is not to blame, but your host's lack of adequate security. Search for "iroffer" to see the entire thread on that topic.

  9. gregorsmith
    Member
    Posted 9 years ago #

    Skippy, I change my password on a semi-regular basis

    podz, the original post always said 1.5.2

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags