Comments on: My Site was Hacked http://www.mikeonads.com/2008/06/19/my-site-was-hacked/ Ramblings about online advertising, ad networks & other techie randomness Mon, 19 Jul 2010 20:29:21 +0000 http://wordpress.org/?v=2.8.4 hourly 1 By: janey http://www.mikeonads.com/2008/06/19/my-site-was-hacked/comment-page-1/#comment-59885 janey Sun, 30 Nov 2008 19:35:13 +0000 http://www.mikeonads.com/2008/06/19/my-site-was-hacked/#comment-59885 I installed wordpress 2.6.5 on my server yesterday and 15mins ago there were lots of categories added that I had not put there. I spent 2 days working on it, then had to delete it. In the categories was crazyhorse, thanks for nothing crazyhorse I installed wordpress 2.6.5 on my server yesterday and 15mins ago there were lots of categories added that I had not put there. I spent 2 days working on it, then had to delete it. In the categories was crazyhorse, thanks for nothing crazyhorse

]]> By: Debbie D http://www.mikeonads.com/2008/06/19/my-site-was-hacked/comment-page-1/#comment-41519 Debbie D Mon, 07 Jul 2008 03:56:26 +0000 http://www.mikeonads.com/2008/06/19/my-site-was-hacked/#comment-41519 it could and possibly was both.. WP had had numerous vulnerabilities and several major host farms were attacked and servers infected.. Mike.. are you us based?? I have someone doing a major article on this and needs to speak to a US based site that was recently attacked. I hope you can grab my email address from your control panel.. it could and possibly was both.. WP had had numerous vulnerabilities and several major host farms were attacked and servers infected..

Mike.. are you us based?? I have someone doing a major article on this and needs to speak to a US based site that was recently attacked. I hope you can grab my email address from your control panel..

]]> By: Mike http://www.mikeonads.com/2008/06/19/my-site-was-hacked/comment-page-1/#comment-40014 Mike Sat, 21 Jun 2008 11:11:37 +0000 http://www.mikeonads.com/2008/06/19/my-site-was-hacked/#comment-40014 Thanks Greg -- seems all is clear. In case this happens to anybody else, it seems McAfee identifies the hacked PHP files. (Found this out when it scanned through the backup I downloaded to my laptop and I got all sorts of Virus warnings!) -Mike Thanks Greg — seems all is clear. In case this happens to anybody else, it seems McAfee identifies the hacked PHP files. (Found this out when it scanned through the backup I downloaded to my laptop and I got all sorts of Virus warnings!)

-Mike

]]> By: Justin Watt http://www.mikeonads.com/2008/06/19/my-site-was-hacked/comment-page-1/#comment-39840 Justin Watt Thu, 19 Jun 2008 15:53:08 +0000 http://www.mikeonads.com/2008/06/19/my-site-was-hacked/#comment-39840 Mike, similar thing happened to me, I don't think it was so much a vulnerability in WP, as much as my password being exposed by Dreamhost. So word to the wise, I'd recommend changing your webhosting and WP passwords. I wrote up my experience here: <a href="http://justinsomnia.org/2007/08/search-engine-marketeers-are-the-new-script-kiddies/" rel="nofollow">Search Engine Marketeers are the new script kiddies</a> Mike, similar thing happened to me, I don’t think it was so much a vulnerability in WP, as much as my password being exposed by Dreamhost. So word to the wise, I’d recommend changing your webhosting and WP passwords. I wrote up my experience here: Search Engine Marketeers are the new script kiddies

]]> By: Greg http://www.mikeonads.com/2008/06/19/my-site-was-hacked/comment-page-1/#comment-39828 Greg Thu, 19 Jun 2008 13:10:27 +0000 http://www.mikeonads.com/2008/06/19/my-site-was-hacked/#comment-39828 Mike -- Because WordPress is open source and widely-used it's routinely examined for security vulnerabilities. Got to keep it up to date to minimize your chance of this stuff happening. I'd actually reinstall from scratch, check the .htaccess file, etc. instead of just upgrading to minimize the odds of a backdoor being present (and not overwritten by the upgrade). Tons of articles on this out there but this one is representative: http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/comment-page-1/ -- Greg Mike –

Because WordPress is open source and widely-used it’s routinely examined for security vulnerabilities. Got to keep it up to date to minimize your chance of this stuff happening.

I’d actually reinstall from scratch, check the .htaccess file, etc. instead of just upgrading to minimize the odds of a backdoor being present (and not overwritten by the upgrade).

Tons of articles on this out there but this one is representative:

http://ocaoimh.ie/2008/06/08/did-your-wordpress-site-get-hacked/comment-page-1/

– Greg

]]>