[wp-hackers] Hacked blogs

g30rg3_x g30rg3x at gmail.com
Thu Mar 26 22:29:36 GMT 2009


The hacked blog(s) run on a shared-hosting or private/dedicated server?

Cause there is possibility that the wordpress blog/site wasn't
directly attacked and it was a random site inside the shared-hosting
environment and if this hosting is improperly configured/secured the
attack could be triggered from that second site (or worse, the "worm"
could root the server and start spreading the infection all over the
server pages).

I have encounter this scenario tons of times (50>) in all, i was able
to edit other users pages or well even became root on the server...
Best shot you have (in order to prevent further attacks) is to contact
the sys-admin(s) and pray they make the necessary changes to secure
the environment.


2009/3/26 Joost de Valk <joost at yoast.com>:
> Hey guys,
> I've been restoring 5 hacked blogs the last few days, all running 2.7.1 but
> spread over different hosts, can't find the hole yet that they're getting in
> through, but I'd thought I'd send out a warning to all of you that something
> seems to be wrong...
> Best,
> Joost
> me *Joost de Valk*
> Online Marketing, WordPress, SEO & Social Media Strategy
> OrangeValley <http://www.orangevalley.nl> & Yoast <http://yoast.com>
> E: joost at orangevalley.nl <mailto:joost at orangevalley.nl> - joost at yoast.com
> <mailto:joost at yoast.com>
> T: +316-24-555-808 | @jdevalk <http://twitter.com/jdevalk> on Twitter
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

CONFIDENTIALITY NOTICE: This message is intended to be viewed only by
the listed recipient(s).
It may contain information that is privileged, confidential and/or
exempt from disclosure under applicable law.
Any dissemination, distribution or copying of this message is strictly
prohibited without our prior written permission.
If you are not an intended recipient, or if you have received this
communication in error, please notify us immediately by return e-mail
and permanently remove the original message and any copies from your
computer and all back-up systems.

More information about the wp-hackers mailing list