[wp-hackers] Porn links in google cache

David Law wp-hackers at google-adsense-templates.co.uk
Thu Jul 14 18:58:36 UTC 2011


On Thu, 14 Jul 2011 09:32:58 -0700, you wrote:

>Variations of the attack happen through FTP credential 
>hijacking (Don't use FTP, use a secure alternative like sFTP/SSH. If you 
>must, don't save your credentials in your client), others we've seen 
>have spread because the hosting provider has no business being a hosting 
>provider (Choose your home wisely).


I had some of my WordPress sites hacked, couldn't 100% confirm the
security flaw, but beleive it was a combination of using Filezilla and
saving passwords (Filezilla saves the passwords in text format, no
encryption!!!) and not updating an Adobe Internet Explorer plugin on
the PC I use to connect via FTP!

Fortunatly keep regular backups so didn't cause long term damage, but
changing around 170 passwords (100 FTP, 70 WordPress logins) isn't a 5
minute task!

David
-- 
http://www.stallion-theme.com/ Stallion WordPress SEO Theme
http://www.stallion-theme.com/stallion-wordpress-seo-plugin Stallion
WordPress SEO Plugin


More information about the wp-hackers mailing list