Support » Everything else WordPress » WordPress Instalation Hacked!

  • Hi, I am using wordpress for the Asido project website (http://asido.info). Today I found a file inside my plugins directory that I haven\’t uploaded. When I run it it turned out to be some hack tool for browsing server-side. It is called \”C99madShell v. 2.0 madnet edition\”. If you want I can forward it to you.

    So, my question is how does this happen ? I don\’t have anything else stored on the hosting account where Asido.info is except wordpress. Is there some security problem I need to know about ?

Viewing 5 replies - 1 through 5 (of 5 total)
  • whooami

    (@whooami)

    Member

    ...meta name="generator" content="WordPress 2.1.3" /> <!-- leave this for stats -->

    It happens when webmasters dont pay attention:

    LOOK on your dashboard — those feeds include upgrade information.

    Failing that, there’s always here:

    http://wordpress.org/development/

    In other words, if you cannnot keep your software current – you have nowhere else to look but at yourself.

    this is strange, im using 2.1.3 and got the same problem.

    Because 2.3.2 is the latest version and you haven’t updated.
    http://wordpress.org/download/

    wth, since when is there two jeremy clark[e]’s in WordPress land?

    This is alarming.

    I was hacked on my own server I run from my house. They changed my config file which put up a black page that stated I was hacked by CEM111 and went on to show a flash slideshow stating that it was done in the name of the islamic community.
    I just found the c99shell on the drive but also noticed a complete shell running aparently called locus7shell which if you run a search on google for the you will notice that there are a large amount of people out there that are infected with this and you have access to their files on the servers with command options including uploading.
    I have since taken my site down and deleted everything.

    I suspect that they did this going through the setup-config.php file in the admin directory. from there changing the config file which opened them up for the rest of the changes. Of course this is just my suspicion not a fact. So one bit of advise is to make sure after installing your WP make a backup of the setup-config.php file and delete the one on the server. Then make sure to set the config file to read only

    Other then that I dont know what

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘WordPress Instalation Hacked!’ is closed to new replies.