I GOT HACKED!

bestrendz

13 years ago

first things first.. change your password to a strong one then move on from there.

Thanks

{{ DiscussionBoard.errors[3379301].message }}

Fernando Veloso

13 years ago

Ouch.

That is not good. How's your hosting dealing with it? Have you been able to remove all bad scripts?

Thanks
1 reply

Signature

People make good money selling to the rich. But the rich got rich selling to the masses.

{{ DiscussionBoard.errors[3379352].message }}

notrichyet 13 years ago

Do you have a firewall plugin installed? If not you might want to think about getting one for the future....

Cheers!!
Mary
- Thanks
{{ DiscussionBoard.errors[3379377].message }}

cpadualcore

13 years ago

Jeez. I got into this mess too a few days ago. I first thought it was a wordpress issue, but later found that all my wp installations on that particular server got into this problem. Wordpress sites on my other hosting accounts was not affected. The problem went away after some 24 hours. So I didn't care about it. . But now I'm little tensed. .

Where did u find that encrypted code ? Themes folder or plugins or any particular file? Can you pls tell ?

Thanks

Signature

COMING SOON

{{ DiscussionBoard.errors[3379557].message }}

Chri5123

13 years ago

Hopefully you have full backups of everything?

Just change passwords and reinstall and always make sure you are updated to the latest WP version.

Thanks

{{ DiscussionBoard.errors[3379596].message }}

bestrendz

13 years ago

a few weeks ago my blog was also hacked. whoever hacked it was selling cialis and viagra. they inserted links to my content. all i did was change the password and it didnt happen again.

Thanks

{{ DiscussionBoard.errors[3379647].message }}

smwordsmith

13 years ago

Hackers should be hung.

Thanks
3 replies

Signature

Sheila

{{ DiscussionBoard.errors[3379675].message }}

Caleb Spilchen

13 years ago

Originally Posted by Chris Kent

Death penalty for someone breaking into a computer?

A bit harsh, don't you think?

Nah... Kill em all..

lol.

There are Ethical hackers and unethical ones... The one's who hacked this one pushed the unethical line... When I say Ethical, I don't mean legal, or great. I just mean that they have a code of ethics, for example.... If they hack a site, and remove files.... They keep a local back up, and on there "HACKED" page they tell the webmaster how to contact them.

There ethics are basically helping people find "intrusion points", and exploiting them.. Then, fixing it.

Thanks
1 reply

Signature

Canadian Expat Living in Medellin, Colombia

{{ DiscussionBoard.errors[3380136].message }}

Mike Baker

13 years ago

Originally Posted by Caleb Spilchen

Nah... Kill em all..

lol.

There are Ethical hackers and unethical ones... The one's who hacked this one pushed the unethical line... When I say Ethical, I don't mean legal, or great. I just mean that they have a code of ethics, for example.... If they hack a site, and remove files.... They keep a local back up, and on there "HACKED" page they tell the webmaster how to contact them.

There ethics are basically helping people find "intrusion points", and exploiting them.. Then, fixing it.

There is no such thing as an ethical hacker. You can think that all you want, but the instant they enter your computer, there ain't no ethics involved anymore. They have crossed the line and are now a hacker.

Thanks

Signature

{{ DiscussionBoard.errors[3380156].message }}

Mike Baker 13 years ago

Originally Posted by smwordsmith

Hackers should be hung.

They wish they were all hung. :p
- Thanks
Signature
{{ DiscussionBoard.errors[3380149].message }}
Nightengale 13 years ago

Originally Posted by smwordsmith

Hackers should be hung.

Right along with the spammers!

Michelle
- Thanks
Signature

"You can't market here. This is a marketing discussion forum!"
{{ DiscussionBoard.errors[3391137].message }}

davewebsmith

13 years ago

Try update your wordpress to the latest version .... like anti virus updates you need them to update the code and close know security holes.

eg) this was a release

WordPress › WordPress 2.8.4: Security Release

Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn't allow remote access, but it is very annoying.

Thanks

{{ DiscussionBoard.errors[3380074].message }}

Mike Baker

13 years ago

More than likely you installed a free theme that had spyware in it. Be careful where you download your themes from.

Thanks

Signature

{{ DiscussionBoard.errors[3380112].message }}

Caleb Spilchen

13 years ago

Originally Posted by Jason H

Somebody recently hacked into my account, and now all my WordPress blogs are messed up in the Wp-admin area.

I don't know how, but I logged into WordPress site yesterday and first noticed the messed up admin area, where everything is misplaced and all over the place, such as the menu tabs were stretched to the bottom and the dashboards items were all situated on the very bottom footer. I first thought it was just some temporary issue that will automatically resolved itself, but 24 hours later the admin area was still like this; therefore, I called in my host provider and they told me there were some encrypted codes that were not supposed to be there!

I don't think whoever did this, painstakingly went through all my WordPress sites and did this as I said all my WordPress sites are like this, they probably upload something 1 time that affected all my WordPress blogs.

The thing I'm concerned about is what about my other sites that are not Word Press sites, but normal static sites, even though there are no apparent signs, they have been compromised, they could still be there.

Honestly, I'm really nervous about this...

Hey,

If your sites are still working on the frontend, I might be able to help you... So can Istvan Horhath I think.. It may just be a couple codes to remove.

Edit: If the database is still there.. You'll want to back that up, and redo the entire site with a new wp install, and then change the config to load the database for the old install.. What this will do, is reinstall the backend to remove all viruses/spyware

Caleb

Thanks

Signature

Canadian Expat Living in Medellin, Colombia

{{ DiscussionBoard.errors[3380113].message }}

peterhawkins

13 years ago

i expericed something similar, they did i by accessing my FTP accoun and installing malicious code on all the index pags of my sites, i spotted it at on last 4lines of cide on each page.

Your hosting provider should tel you how to deal with this. I would advise changing your FTP details immediatly and thenonce you have had the code removed, back-up the new files or ask your hosting provider to make a back-up fo you incase of future hacks!

Thanks

{{ DiscussionBoard.errors[3380129].message }}

Rumpleteazer

13 years ago

Contact your host to see what help they can provide. One of my sites got hacked recently and my host sorted it all out for me.

Thanks

{{ DiscussionBoard.errors[3380134].message }}

Yadira Barbosa

13 years ago

One of my blogs was hacked too and the hacker install some phising elements on it.

So, they don't touch anything visible on the site, so I don't notice the problem, until I receive an email from hostgator that let me know.

They remove the harmful codes and let me know to change the password.

But hostgator

Thanks

Signature

FREE Amazing Sales Funnel Software

List Building Made Easy

{{ DiscussionBoard.errors[3380162].message }}

Caleb Spilchen

13 years ago

There is no such thing as an ethical hacker. You can think that all you want, but the instant they enter your computer, there ain't no ethics involved anymore. They have crossed the line and are now a hacker.

I never said it was right.. I said some of them have "Ethics", and won't totally ruin some ones site. I don't think its right, but I think it's better then them completely totally a site.

I've never hacked, nor do I have a clue how to hack lol.

Caleb

Thanks
1 reply

Signature

Canadian Expat Living in Medellin, Colombia

{{ DiscussionBoard.errors[3381220].message }}

Brian Alaway 13 years ago

An ounce of prevention is worth a pound of cure: WordPress › BulletProof Security « WordPress Plugins

Don't just blindly activate without first reading the instructions.
- [ 1 ] Thanks
Signature
How to Configure Secure FTP
{{ DiscussionBoard.errors[3381647].message }}

megalinktraffic

13 years ago

hackers should correct themselves, no one else could do it..
I am sure its a pain on these mis behavings..
it should be Live and let Live..and everyone must prosper..
be the best
rueben

Thanks
1 reply

Signature

Kata Technik Powerful Easy System to Earn Fast..

{{ DiscussionBoard.errors[3382217].message }}

RyanRobinson 13 years ago

You are all using the word "hacker" in the wrong context.

The term "computer hacker" was coined in the late 70s, early 80s when techies and programmers started to build their own computers and writing their own programs to run on them. They were called hackers because they took bits and pieces of computer hardware and used them to build computers. In programming they would write and modify code to make it better or do other stuff.

You will find that one of the co-founders of Apple, Steve Wozniak was labelled a computer hacker as he built the first Apple computer himself.

Hacking was associated with crime and breach of security as it was wrongly used by the media during times of famous security breaches of large companies.

The hackers this thread is mainly talking about are what known as crackers or script kiddies.

Some more info here,

Your guide to the seven types of malicious hackers | Security Central - InfoWorld
- Thanks
- 1 reply
{{ DiscussionBoard.errors[3390504].message }}
- halmo 13 years ago
  
  I know this is not a solution for the OP's current situation, but for future, Backupbuddy and WPTwin (these are not affiliate links)are good backup systems for WordPress that can reinstall everything (both the WordPress side and the hosting aide) with one click (or maybe a few clicks).
  
  Some more info here,
  
  Your guide to the seven types of malicious hackers | Security Central - InfoWorld
  
  Is there some kind of a guide you guys could recommend that would lay out the major points of securing a site (i.e. the types of security a site should have, and how to go about each) Something like above article did by laying out the seven types of hackers.
  
  Thanks
  
  {{ DiscussionBoard.errors[3390974].message }}

DogScout

13 years ago

Check for a wayward .HTAccess file in the same folder as your theme's css file. Deleting it should solve the problem IF it is the result of a certain group of kiddies. (If it is in wp-admin, that's not them, they hack servers, not installs or accounts).

Thanks

Signature

Otis's Blog (Own The Internet, Silly)Paint Shop Tubes - Free images - Free Graphics - Free Photos - 3D - Poser Tubes - Scrap Kits

{{ DiscussionBoard.errors[3391012].message }}

Andrea Wilson

13 years ago

I think the best way to do this is to reinstall your back-up. It will help you get a fresh start your your sites. Yeah, agreed hackers should be hung, they are praying on other people's hard work.

Andrea

Thanks

Signature

Virility Ex|Mobile Website Design|Yeast Infection Causes|Extenze Male Enhancement

{{ DiscussionBoard.errors[3391176].message }}

I GOT HACKED!

Trending Topics

Newbie

How did you turn it all around?

A healthy fascination for Hollywood...

best high quality crypto traffic.

Any thoughts on golf's latest phenom...Scottie Scheffler??