Talk about calling the wrong number | home | Corbin starting to watch Star Wars: A New Hope for the first time.
March 21, 2012
So it appears my web sites were hacked
Guess there's a vulnerability in WordPress. Tech support called it a php injection attack.
http://en.wikipedia.org/wiki/Code_injection
Embedded Link
Code injection – Wikipedia, the free encyclopedia
Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by an attacker to introduce (or "inject") code into a computer prog…
Google+: View post on Google+
Oh yeah. Code/SQL injection is one of the easiest and most popular ways to take over a site, and even the server as a whole. Check out the CERT site for advisories about vulnerabilities and of course, always stay up to date on security releases for software you run (not only on a server). http://www.us-cert.gov/cas/techalerts/index.html Search for WordPress you'll see quite a bit of scary stuff. The effed up thing is the attacker probably used automated software that found your site, instead of specifically targeting you. Hope you didn't lose much.
[Reply]
We'll see. I'm waiting for the webhost to provide backup files and I'm trying to redirect to a generic page until I get things cleaned up. As long as my blog data base isn't messed up, I should be good – just slow.
[Reply]
Oh, no! What does that mean? they have our info or they were messing or stealing content?
[Reply]
They basically made all our sites a single page saying "Hacked by SO-n-SO" with a couple of images and some other text. In the end, I just had to replace the corrupted file (wp-config.php) with a good copy. So everything is back to normal.
I'll have to do some research to make sure we're not still vulnerable but since the attack was automated (someone ran a computer script) I doubt we'll be hit again any time soon.
[Reply]
Urgh!
[Reply]