WordPress.org

Support

Support » How-To and Troubleshooting » WordPress Hacked and Redirected … Again

WordPress Hacked and Redirected … Again

  • Last week I got hit with this:

    http://wordpress.org/support/topic/179702?replies=8

    I upgraded WP to the latest version and restored backups and the problem seems fixed.

    Yesterday now when I click on my sites via Google I get redirected to http://anyresults.net

    Anyone have any ideas on how this happened again or any solutions?

    I wonder if it is problem with my host – Dreamhost – as blog I have with other companies are not affected. If anyone else is afected by this I am curious to know what host you are using.

Viewing 15 replies - 1 through 15 (of 58 total)
  • Hi bob, i also got redirected when i click my site from google. I didnt upgrade my WP blog eve since…. I wonder who owns this that anyresults.net .. I hope my site is not getting hacked :(. Im on server century. whats yours?

    i am on bourbon.

    i am going to try this solution.

    http://www.magpiebrain.com/blog/2008/06/01/wordpress-site-hacked/

    do anyone know how to find wp_options? i am a n00b at this database stuff : )

    Yep! I’m in Yahoo hosting and I just discovered yesterday that my site http://www.CoolBrit.net also redirects sometimes in Google. The bigger worry is that Google seems to be tossing out sites that get redirected to anyresults.net. I’m not sure if I’m still in Google. When I type CoolBrit.net my site isn’t listed but when I type in Coolbrit it is still listed. Weird.
    I delayed the upgrade too. Do I just need to upgrade? Will this fix it all automatically?

    wp_options, usually should be in your database

    i think i found it. but have zero idea on how to edit this : (

    I have no clue how to fix this. I don’t think I ever created a backup. I guess wait for a manual fix to pop up on here, then try that. Interesting with Yahoo hosting I was prompted to upgrade but I guess it was a separate WordPress upgrade because Yahoo Hosting upgrades automatically. Meaning I would have to manually install the new version. So I don’t think Yahoo has the latest version all the time. So some delay in keeping up to date with the latest version I guess.
    My redirect seems to be random – Every 10-12 visits searched on Google I think.

    i gave up. no one in the wordpress community cares about helping someone hacked by their buggy shit cms. i used to love them, but now i know why so many experienced webmasters think wp is shit.

    i got hacked with the latest version. so the comments of “you should have updated” are worthless. there are serious issues that are making some hacker fuck massive $$$. i’m sure thousands of blogs are making some asshole thousands in ppc income.

    don’t wait for a easy solution. it isn’t going to be coming from the “community”

    “wisdom of the crowd” my ass.

    i gave up. no one in the wordpress community cares about helping someone hacked by their buggy shit cms. i used to love them, but now i know why so many experienced webmasters think wp is shit…
    …so the comments of “you should have updated” are worthless. there are serious issues that are making some hacker…

    Bullshit.

    ahem… let me clear my throat. BULLSHIT. There, that’s better.

    Your prior pleas for commiseration due to n00b-dom-ness (‘yup, I just made that word up,) bring into question your qualifications regarding the regurgitation of such unenlightened statements.

    But I hope you sort it out ok. Being hacked sucks big time.

    Be well. Cj.

    any solutions sir?

    i’ve been talking with people who have used every solution put forward in this forum – and it hasn’t resolved anything? solutions please?

    I have to mostly agree with Bob regarding this bug. The scary part is that Google might kick out sites that have this. Then what? We’re dead in the water. I just found out that my other three sites have this too.
    I spent a couple of hours on the phone with my hosting company and we couldn’t figure it out based on the explanation given on that other hack redirect solution.
    It looks like your right Bob about it hitting version 2.5.1 – Others are starting to get this too.

    http://www.askdamagex.com/t27457-wp-google-redirect-hack-is-back.html
    http://forums.digitalpoint.com/showthread.php?s=a910a8c6d69d8b455a43a32027e2638d&t=872446

    While waiting for wordpress guys to fix this I did what I could, and this is what I figured out:

    This hack backdoors a random plugin (any of whichever plugins you have activated). You can switch your plugins off one by one, and test to see if the hack is still active. When you hit the right plugin, the site should be back to normal and the hack gone (for now). You are still vulnerable and it’s very likely that they will hack you again. But for the time being you are OK. Just replace that plugin with a fresh copy and you can use it again.

    If you can’t be bothered by looking for the right plugin, just overwrite your entire plugin folder with a saved plugin-folder containing all OK plugins.

    I can’t wait to hear where wordpress went wrong to allow this to happen.

    I emailed the anyresults.net hosting company and domain registrar. The guy should soon have to start all over with a new domain. While we wait for the wordpress guys to fix this, you can call/email/fax the guys ISP and domain registrar, reporting this.

    From what I figured out, his ISP is ISPrime (isprime.com) and his domain registrar is publicdomainregistry.com

    Best Regards,
    Andre

    i just deleted all my plugins but issue still seems to be there unfortunately.

    yeah i reported him to publicdomainregistry.com and also helps to report him to the adult companies the redirect goes to sometimes.

    I have a folder with untampered plugins (I use the same plugins on many blogs, so I found one that’s not been tampered with). I then go to hacked wordpress wp-content/plugins/ and delete everything in the folder. Then I copy the untampered plugin folder’s content in, and it all works fine. I don’t even have to re-enable the plugins, because it’s like they were never gone.

Viewing 15 replies - 1 through 15 (of 58 total)
  • The topic ‘WordPress Hacked and Redirected … Again’ is closed to new replies.