WordPress.org

Forums

Spam link insertion hack (3 posts)

  1. Miha Petelin
    Member
    Posted 4 years ago #

    Hello,

    I run a few blogs and some of them have been compromised by hackers. I discovered foreign links within my articles as well as the sidebar, typically cialis and pill links.

    I already have removed those foreign links and changed passwords (mysql, cpanel etc.), however I cannot help but wonder how did they get through. From what I've observed, they haven't actually gained access to WordPress; they altered the database directly. Template and WordPress files were left unchanged. In some cases, links were inserted into <img> tags, thus breaking them, which leads me to believe that links were inserted into post_content data randomly.

    I have searched, however I am not sure what search terms to use; most results are ambigious.

    I would appreciate advice on how to protect my blogs from these attacks; or at least proper search terms that I can use.

    Thank you,
    M.

  2. Samuel B
    moderator
    Posted 4 years ago #

  3. Miha Petelin
    Member
    Posted 4 years ago #

    Looks like there was an obfuscated backdoor in the database after all. I'll have to ramp the security up a bit more after dealing with those backdoors. Thanks!

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.