security hell… and live to tell
many of you have pointed out that searching for my site on google prompts the user that my site may harm your computer. my wordpress installation was hacked and some code was injected into my index.php which was causing people’s browsers and anti-virus software to scream.
i have just upgraded to the latest and greatest wordpress and have upgraded three of my plugins (i have my thoughts on what may have been responsible), and hope everything is back to normal now; especially since i have a big day of posting planned for tomorrow.
p.s. i’m sorry for any inconvenience. trust me, i’m just as annoyed.




October 29th, 2007 at 11:03 pm
Sorry to hear that, man. Hope everything is fine now.
October 31st, 2007 at 3:00 pm
Was this an attack that appended a javascript tag plus a long string of encoded data, then a closing javascript tag? If so, it wasn’t wordpress-specific. Domains that housed static .html files, as well as sites that used drupal, postnuke, or shopping carts all got hit.
They get your password, after which they use a script to fetch your files on a regular basis, then ftp files that are the same as your index.html, index.php, etc., except with the script appended.
The give-away? After pulling down all the sites and deleting all the content, I put up “bait” - index.html files that were almost empty - and they ftp’d new files with the same data, and their script appended, twice within a 2-hour period. It seems to have stopped once the passwords were changed.
They may have your password. Change it, just to be safe.
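The injection pattern described in the comment above (a script tag with a long encoded string appended to index files) can be checked for across a web root. This is an added example, not code from the post or its commenters; the 200-character threshold, the function names and the sample pages are assumptions made for illustration.

```python
import os
import re

# Assumption: "a long string of encoded data" is approximated as 200+ contiguous
# characters from the URL-escape / hex / base64 alphabets. Tune for your site.
ENCODED_RUN = re.compile(r"[A-Za-z0-9+/=%\\]{200,}")
SCRIPT_BLOCK = re.compile(r"<script\b[^>]*>(.*?)</script\s*>", re.I | re.S)
HTML_CLOSE = re.compile(r"</html\s*>", re.I)
INDEX_NAMES = ("index.html", "index.htm", "index.php")

def find_appended_script(content):
    """Return (offset, encoded_run_length) for each suspicious script block.

    A block is suspicious when it holds a long encoded run AND it sits after
    the last </html> or is the final thing in the file (covers index.php).
    """
    closes = list(HTML_CLOSE.finditer(content))
    boundary = closes[-1].end() if closes else None
    hits = []
    for m in SCRIPT_BLOCK.finditer(content):
        run = ENCODED_RUN.search(m.group(1))
        after_html = boundary is not None and m.start() >= boundary
        at_eof = content[m.end():].strip() == ""
        if run and (after_html or at_eof):
            hits.append((m.start(), len(run.group(0))))
    return hits

def scan_tree(root):
    """Walk a web root and return {path: hits} for flagged index files."""
    flagged = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() in INDEX_NAMES:
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = find_appended_script(fh.read())
                if hits:
                    flagged[path] = hits
    return flagged

# Constructed samples: a clean page, and the same page with a harmless
# stand-in payload ("%41" repeated) appended the way the comment describes.
CLEAN = "<html><body><script>var x = 1;</script><p>hi</p></body></html>\n"
PAYLOAD = "<script>" + "%41" * 100 + "</script>\n"
INFECTED = CLEAN + PAYLOAD

if __name__ == "__main__":
    print(find_appended_script(CLEAN))
    print(find_appended_script(INFECTED))
```

Run on a schedule against the document root, this gives the same signal as the bait files in the comment: a clean index file that starts being flagged has been rewritten by someone else.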
January 6th, 2008 at 3:40 pm
[…] insecure piece of software. However, not keeping up to date with the updates and patches is very risky business. From experience it’s enough effort keeping one or two blogs up to date. Imagine trying to […]