security hell… and live to tell

many of you have pointed out that searching for my site on google prompts the user that my site may harm your computer. my wordpress installation was hacked and some code was injected into my index.php which was causing people’s browsers and anti-virus software to scream.

i have just upgraded to the latest and greatest wordpress and have upgraded three of my plugins (i have my thoughts on what may have been responsible), and hope everything is back to normal now; especially since i have a big day of posting planned for tomorrow.

p.s. i’m sorry for any inconvenience. trust me, i’m just as annoyed.

3 thoughts on “security hell… and live to tell”

  1. hudson

    Was this an attack that appended a javascript tag plus a long string of encoded data, then a closing javascript tag? If so, it wasn’t wordpress-specific. Domains that housed static .html files, as well as sites that used drupal, postnuke, or shopping carts all got hit.

    They get your password, after which they use a script to fetch your files on a regular basis, then ftp files that are the same as your index.html, index.php, etc., except with the script appended.

    The give-away? After pulling down all the sites and deleting all the content, I put up “bait” – index.html files that were almost empty – and they ftp’d new files with the same data, and their script appended, twice within a 2-hour period. It seems to have stopped once the passwords were changed.

    They may have your password. Change it, just to be safe.

  2. Pingback: You should realise that Wordpress is not right for everything » Adam Taylor - Conversion Matters
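A check for the pattern hudson's comment describes (an index file whose last element is a script tag wrapping a long string of encoded data), added here as an example that is not part of the original post or its comments. The file-name set, the 120-unit threshold and the sample pages are assumptions constructed for illustration.

```python
import re
from pathlib import Path

# File names the comment lists, plus index.htm (the extra name is an assumption).
INDEX_NAMES = {"index.html", "index.htm", "index.php"}
OPEN_TAG = re.compile(r"<script\b", re.I)
# A <script> element that runs to the end of the file; group 1 is its body.
TRAILING = re.compile(r"<script\b[^>]*>(.*?)</script\s*>\s*", re.I | re.S)
# 120 or more consecutive encoded units (%xx, \xNN or one base64-alphabet
# character each). The threshold is an assumption to tune per site.
ENCODED = re.compile(r"(?:%[0-9A-Fa-f]{2}|\\x[0-9A-Fa-f]{2}|[A-Za-z0-9+/=]){120,}")


def appended_script(text):
    """Return the file's trailing <script> block if it holds an encoded run, else None."""
    starts = [m.start() for m in OPEN_TAG.finditer(text)]
    if not starts:
        return None
    # Only the last <script> counts, and it must be the final thing in the file.
    m = TRAILING.fullmatch(text, starts[-1])
    if m and ENCODED.search(m.group(1)):
        return m.group(0).strip()
    return None


def scan(webroot):
    """Return the sorted paths of index files under webroot that carry such a block."""
    hits = []
    for path in Path(webroot).rglob("*"):
        if path.is_file() and path.name.lower() in INDEX_NAMES:
            text = path.read_text(encoding="utf-8", errors="replace")
            if appended_script(text):
                hits.append(str(path))
    return sorted(hits)


# Constructed samples: a clean page, and the same page with a script appended.
CLEAN = "<html><body><script>var a = 1;</script><p>hi</p></body></html>\n"
INFECTED = CLEAN + "<script>document.write(unescape('" + "%3C%69" * 100 + "'));</script>\n"

if __name__ == "__main__":
    print(appended_script(CLEAN))           # None
    print(appended_script(INFECTED)[:40])   # start of the appended block
```

A hit says the file needs review, not that the site is clean once the block is deleted; as the comment notes, the files were re-uploaded until the passwords were changed.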
