[wp-hackers] Hacked blogs
lynne.pope at gmail.com
Fri Mar 27 07:14:05 GMT 2009
WP 2.7.1 hacked.
On VPS with one other domain. The other domain contains one single
Both are jailed.
Running PHP 5.2.5 MySQL4.1
suexec running, server hardened.
url fopen off
The site is running the following plugins:
Subscribe to Comments
There are a number of entries in the logs showing 200 responses where
nothing appears to have got in (or, at least I haven't found the
There are also a number of attempts to run base64 code appended to
wp_cron that have resulted in 500 errors.
Agent: libwww-perl/5.803 used in all suspicious log entries.
Attempts to download the txt files used have so far been unsuccessful.
I will continue digging to see what I can pinpoint.
More information about the wp-hackers