WordPress Site Hacked | WordPress.org

fillerline
(@fillerline)

15 years, 6 months ago

Our WordPress (3.0.1) website was hacked 2 days ago. The defacer went to theme-editor.php and edited our index.php. The defacer was able to log in without any traces of bruteforcing. I think he was knowledgeable of the password at first. Though before the access, he went to view wp-content’s contents and plugins before he was able to log in. The codes and the database were unchanged. The password for wp-admin was touched though.

The hacker named protocol is from Dos-DZ team who’s a part of a network of hackers named DZ hackers.

So what do you guys think?

Viewing 3 replies - 1 through 3 (of 3 total)

Thread Starter fillerline
(@fillerline)

15 years, 6 months ago

up

Moderator t-p
(@t-p)

15 years, 6 months ago

see:

http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Then implement tips of this guide: http://codex.wordpress.org/Hardening_WordPress

Thread Starter fillerline
(@fillerline)

15 years, 6 months ago

Sorry if I wasn’t clear about what I want to ask but I want to clarify how the hacker was able to gain access to the backend.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘WordPress Site Hacked’ is closed to new replies.

Tags

hack wordpress

In: Fixing WordPress
3 replies
2 participants
Last reply from: fillerline
Last activity: 15 years, 6 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics