Support » Fixing WordPress » Site hacked through Akismet

  • 09-07-2011 hack script were flooded in the directory: /home/***/ public_html/wp-content/plugins/akismet. Hacking has been made with the help of this script below:
    http://***.com/wp-content/plugins/akismet/akismet.php

    Responsibility for breaking assumed “HacKeD By RKH Team”

    The script was filled using one of the holes in the code already installed plugins, as malefactors have cleared the logs to access account, so that they could calculate the log files at the physical server.

    wordpress 3.2 (fresh)

Viewing 4 replies - 16 through 19 (of 19 total)
  • Also, if you must keep the “admin” username, I would recommend adding another account to the Administrator role, and changing “admin” to Subscriber. That way, even if someone brute-forces, phishes, or otherwise acquires the “admin” username password, use of that account will be sandboxed.

    I’ve seen this one happen a few times now. When I look at the logs, it looks like they just log in (no new user), and go to the plugin editor and add their code. What are the common ways that they get the password? I already changed it once for a client and removed the ‘admin’ user.

    Many hackers are now entering via FTP have gained access to the login credentials via unencrypted FTP transfers. So ensure that you use SFTP or encrypted FTP at all times.

    I’ve just received notification via email from my WordPress Firewall plugin stating that it has detected and blocked a potential attack which seems to target the Akismet plugin – may be worth installing this plugin, particularly if it’s going to catch attacks like this [as it has done with my site]!

Viewing 4 replies - 16 through 19 (of 19 total)
  • The topic ‘Site hacked through Akismet’ is closed to new replies.