Support » Fixing WordPress » site hacked

  • Resolved Aaron

    (@ergate)


    I have a site that is powered by wordpress 1.5.2 and it was recently hacked the root level of the install now reads “spykids ownz you”. I dont think this was a security issue with WordPress, I am working with the admins of the server and we are trying to isolate what allowed the penetration. I can log into the admin section with no problem, none of the entries, users or passwords are affected.

    If you have heard of this with a WP site please let me know. I will post back anything that we find out.

    Aaron

Viewing 15 replies - 1 through 15 (of 19 total)
  • I’m sorry to hear that happened to you. Good luck with everything.

    update, I miss-typed the version of WP that is being used, it is 1.5.3.

    1.5.3? or 1.5.13?

    my site has been hacked too (running 1.2). too bad, the intruders got root on whole server runing some more important services than my weblog ;( I hope that latest version of WP is secure…

    sorry again, it is 1.5.1.3

    Like I mentioned earlier, I do not necessarily think it was WP that was hacked, I think something else was exploited.

    it’s very probable that it was WP.

    WOOOAHHHHHHHH – why say that ????

    reuptake – please make your comment really clear. It looks to a casual observer that you are making comments about the current version.

    Moderator James Huff

    (@macmanx)

    If you are using WP v1.5.1.3, then it could have been hacked. Please upgrade to WP v1.5.2 ASAP.

    No on the Cpanel.

    I have downloaded the upgrade and will get that taken care of as soon as my admins finish doing what they are doing and give me the ok.

    I said that because exploit for v1.5.1.3 is widely spread and very easy to find.

    Ok, to wrap up the problem that led to the site being hacked.
    It was NOT a wordpress problem, they did not hack the script or any direct part of the install. Here is a portion of what the sysadmin on my server had to say
    “…I’ve searched the server for vulnerability and [there] are some clients who have old versions of phpBB and this is the way that hacker got in (he have user apache), then he used a script to search all index.php/index.html file and put there “spykids ownz you”. ”

    To make a long story short, a different script had a vulnerability in it and that was exploited, and used to re-write a page that WP uses.

    I should also follow up with one last bit, the index file that was written over was not the index file at the root of the WP install, but the index file that was in the current theme.

    Entirely possible. Thank you for clearing all of that up ergate. Sorry you got script-kiddied, but I’m glad it wasn’t a problem with WordPress.

    I got it too, where do you find the fix?

Viewing 15 replies - 1 through 15 (of 19 total)
  • The topic ‘site hacked’ is closed to new replies.