Support » Plugin: Sociable » You're aware you've been hacked?

  • Kuratur

    (@kuratur)


    Hi,

    The Sociable plugin, version 4.3.4.1, appears to have been hijacked today. Around 1pm Eastern U.S. time it caused our blog posts to not display the blog contents and to display what appeared to be the site navigation menu for killerstartups.com.

    Here’s what it’s injecting into the source:

    <div class="entry-content">
    			<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>KillerStartups.com™</title>
    <meta http-equiv="content-language" content="en" />
    <link href="/css/styleKiller.css" rel="stylesheet" type="text/css" />
    <script type="text/javascript">var disqus_iframe_css = "http://www.killerstartups.com/css/disqus02.css";</script>
    <link type="image/x-icon" href="/favicon.ico" rel="shortcut icon" />
    <link rel="apple-touch-icon" href="/iphonekiller.jpg" />
    </head>
    <body>

    [Moderator Note: Please post code & markup between backticks or use the code button. Your posted code may now have been permanently damaged by the forum’s parser.]

    http://wordpress.org/plugins/sociable/
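
Added example, not part of the original post or the plugin's code: a Python check for the symptom shown above, where a second DOCTYPE or document-level tag appears inside the post-body container. The `entry-content` class comes from the post; the function names and both sample pages are constructed for illustration.

```python
from html.parser import HTMLParser

# Tags that belong at the top of a page, never inside a post body.
DOCUMENT_LEVEL_TAGS = {"html", "head", "body", "title"}

class NestedDocumentFinder(HTMLParser):
    """Flags document-level markup found inside the post-content container."""

    def __init__(self, container_class="entry-content"):
        super().__init__()
        self.container_class = container_class
        self.div_depth = 0   # open <div> nesting, counted from the container
        self.findings = []   # human-readable descriptions, in document order

    def handle_starttag(self, tag, attrs):
        if tag == "div":
            classes = (dict(attrs).get("class") or "").split()
            if self.div_depth or self.container_class in classes:
                self.div_depth += 1
        elif self.div_depth and tag in DOCUMENT_LEVEL_TAGS:
            self.findings.append(f"<{tag}> inside post body")

    def handle_endtag(self, tag):
        if tag == "div" and self.div_depth:
            self.div_depth -= 1

    def handle_decl(self, decl):
        if self.div_depth and decl.lower().startswith("doctype"):
            self.findings.append("DOCTYPE inside post body")

def find_nested_document(page_html, container_class="entry-content"):
    """Return a list of findings; an empty list means the body looks normal."""
    finder = NestedDocumentFinder(container_class)
    finder.feed(page_html)
    finder.close()
    return finder.findings

# Constructed sample pages (not captured from any real site).
CLEAN_PAGE = """<!DOCTYPE html><html><head><title>Blog</title></head><body>
<div class="entry-content"><p>Post</p><div class="share"></div></div>
</body></html>"""
INJECTED_PAGE = """<!DOCTYPE html><html><head><title>Blog</title></head><body>
<div class="entry-content">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "x.dtd">
<html><head><title>Other site</title></head><body>
</div></body></html>"""

if __name__ == "__main__":
    for name, page in (("clean", CLEAN_PAGE), ("injected", INJECTED_PAGE)):
        print(name, find_nested_document(page))
```

Run against the rendered HTML of a few posts after disabling a suspect plugin; an empty list for every post indicates the foreign document is no longer being emitted into the body.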

Viewing 7 replies - 1 through 7 (of 7 total)
  • TheHiveQueen

    (@thehivequeen)

    I’m having the same issue on my site and not sure what to do. Guidance would be appreciated.

    http://avalonjacksonvillebeach.com/what-you-get-for-the-money-coastal-new-construction-in-jacksonville-beach/

    TheSolverItaly

    (@thesolveritaly)

    Simply disable it or cancel the installation until the vulnerability is resolved. My site was also hijacked this night, 2013 Sept 19. Resolved by disabling and deleting.

    Kuratur

    (@kuratur)

    Hi, TheHiveQueen.

    There’s only one thing for it. You must disable the Sociable plugin.

    I hate to say it, but the fact that these guys haven’t addressed the breach or done anything about it means they aren’t looking after their plugin any more. Just as well to find an alternate solution, of which there are many 🙂

    rogal

    (@rogal)

    I had the same problem. I deactivated and deleted the plugin.

    Peterkopi

    (@peterkopi)

    Sad but true. Deactivate or uninstall the plugin!

    Erh…. this plugin is only compatible/tested up to 3.3.2 … why would anyone still be running the code…? I mean, I’m ok running 3.5.x tested stuff, but 3.3?

    Thanks for the heads up, shame, real good plugin, hope they fix it soon if the project is still alive.

  • The topic ‘You're aware you've been hacked?’ is closed to new replies.