Comments on: WordPress Hacked! Virus Cloaks Search Engines

By: jkjkj

jkjkj — Sat, 10 Dec 2011 07:45:04 +0000

The proper use of technology can revolutionize the way you do business. http://www.techshoping.com/

By: Discount Outdoor Gear

Discount Outdoor Gear — Mon, 21 Nov 2011 22:23:52 +0000

When the iPhone 4 is in comparison to the 3G and 3GS, you will observe that it nevertheless has a wealthy and sharp pixel resolution. The entrance-going through 1.three-megapixel digital camera supports video calls whilst the digicam on its rear is excellent for shooting substantial-definition video clips.

By: Susie

Susie — Wed, 21 Apr 2010 01:58:24 +0000

David, I assume that if I did a fresh install, I don't need to change the secret keys, correct?

What I want to know is if wp-config should be 644 or 640, why does the default WordPress install through Fantastico have it as 755? No wonder I got hacked!

By: Susie

Susie — Wed, 21 Apr 2010 01:40:36 +0000

David, I assume that if I did a fresh install, I don't need to change the secret keys, correct?

What I want to know is if wp-config should be 644 or 640, why does the default WordPress install through Fantastico have it as 755? No wonder I got hacked!

By: David

David — Sat, 17 Apr 2010 12:10:58 +0000

One thing that you didn't mention and most people are forgetting is to change the secret keys. If the attackers were able to login at that time, they might still have access via the old cookies. So change the keys asap. This link explains: http://sucuri.net/?page=docs&title=changing-w...

By: WordPress Hack Attack :: Your WordPress Website Training & Resource Community | WordPress Membership

Fri, 16 Apr 2010 16:45:02 +0000

[...] Last week, there was a couple of warning articles that WordPress had been hacked again and it was stemming from blog sites that were hosted at Network Solutions, however, it could have been any host account that the hack was occurring. You can check out the article here: http://techcocktail.com/home/2010/04/08/wordpress-hacked-virus-cloaks-search-engines/ [...]

By: Zero Strategist - Holistic Social Media, Web Strategy & Innovative Design

Zero Strategist - Holistic Social Media, Web Strategy & Innovative Design — Fri, 16 Apr 2010 08:21:09 +0000

[...] Tech Cocktail – WordPress Hacked! Virus Cloaks Search Engines (Not Accurate) [...]

By: Matt Mullenweg fala sobre hackeamento do Wordpress na Network Solutions | Toolkit

Thu, 15 Apr 2010 17:24:41 +0000

[...] http://techcocktail.com/home/2010/04/08/wordpress-hacked-virus-cloaks-search-engines/ [...]

By: Ninjageek

Ninjageek — Tue, 13 Apr 2010 21:24:24 +0000

Hello little fuckers your wordpress has been hacked also ^^ I just caught a trojan when I arrived on that page, pretty nasty.

By: Ernesto

Ernesto — Tue, 13 Apr 2010 20:27:43 +0000

Frank,

You may have that WordPress logo with NetSol's logo instead…
http://wordpress.org/development/2010/04/file-per…

WordPress is pissed that NetSol is blaming them. They're accusing NetSol of not setting up permissions correctly to protect their databases. To be honest (erhm, frank) I never heard of hack attacking the DB in this manner… unless it's been setup insecurely for the get go.

There's a story here. Sorry to hear everyone having so much trouble with this. MySQL is tricky, check that your host knows what they're doing is my only advice.

Ernesto

There's good story to sort out here for sure.

By: ninjageek

ninjageek — Tue, 13 Apr 2010 18:03:50 +0000

You should really consider making a clean install of wordpress, because cleaning every file will be a pain in the ass.

By: ninjageek

ninjageek — Tue, 13 Apr 2010 18:00:22 +0000

http://techcocktail.com/wp-includes/js/comment-re... is infected with a trojan. please remove it.

By: Frank Gruber

Frank Gruber — Tue, 13 Apr 2010 12:56:04 +0000

Really? Please explain what you mean. Thanks!

By: Pankaj Pandey

Pankaj Pandey — Tue, 13 Apr 2010 12:51:05 +0000

Still This post is infected.

By: Frank Gruber

Frank Gruber — Mon, 12 Apr 2010 17:36:30 +0000

That is exactly what happened to us. Since we are on a Mac we do not get the prompt to update our browser or whatever it says but it is still running on your site. Do a view source and see if you can find some random javascript, script or iframe in your header of footer on your site. If so, you need to remove it and I would make sure those associated files are locked down from a permissions perspective as well.

By: Pat

Pat — Mon, 12 Apr 2010 17:29:17 +0000

I'm running a WordPress blog using thesis theme and have not been infected at all, although a client's site was hacked, she sent it to me… I could see the problem and warning screen, but was not infected.

But I am on a Mac System not a PC system. Do you think that makes a difference?

By: Angela

Angela — Mon, 12 Apr 2010 16:44:07 +0000

Our .htaccess file was hacked in the wp-super-cache section. The wp-config.php file was hacked to change the db password.

By: Wordpress Hack Terrifies Webmasters | GadgetHubs

Wordpress Hack Terrifies Webmasters | GadgetHubs — Mon, 12 Apr 2010 15:45:29 +0000

[...] Frank Gruber posted information about that second attack on his blog which ironically seems to have been successfully compromised as well. The virus somehow infiltrates WordPress and adds a new file in your scripts directory called jquery.js and then inserts that file into the header or footer files of your site. It also inserts an iFrame that calls a 3rd party site which is known for malware or other malicious activities. [...]

By: Pankaj

Pankaj — Mon, 12 Apr 2010 08:15:15 +0000

I am struggling with wp hack issue i also found a issue in your blog. when i see view source a JavaScript code found on your website starting with eval()… hope this help you to fix your blog.

Thanks

By: WordPress Hacked! Virus Cloaks Search Engines — TECH cocktail | Faster, better...

Sun, 11 Apr 2010 15:39:34 +0000

[...] via WordPress Hacked! Virus Cloaks Search Engines — TECH cocktail. [...]

By: Dani808

Dani808 — Sun, 11 Apr 2010 07:30:42 +0000

It isn't just network solutions. We are with godaddy and they hit all 45 sites on our server. It installed code into the htaccess so we removed it and got back the sites. We tracked the IP and could see when they came in but when I tried to block the IP via htacess suddenly our sites went back to redirecting to the malicous site. Did a restore of one of the sites to a month ago, well before the attack and again tried to edit htaccess and it redirected the site! So the virus must be in the database somewhere and it replicates or something. I cant find where the other code is. I hope they fix this soon! Oh and the non wordpress sites are also affected even though there is no code in there we can see. So I wonder if it is browser driving if that is possible??

By: 0-day wordpress vulnerability results in many Media Temple malware infections - Page 9 - WordPress Tavern Forum

Sun, 11 Apr 2010 04:07:32 +0000

[...] to the original topic, here's more info from Tech Cocktail – WordPress Hacked! Virus Cloaks Search Engines. Personal Blog | [...]

By: Stephen Pate

Stephen Pate — Sat, 10 Apr 2010 22:42:19 +0000

It's been a challenging week. We got hacked Friday (cleaned footer), Sunday (cleaned header), Thursday with total hack and site down. Back up yesterday supper time, worked all day Saturday checking the usual suspects. Down at 3 PM EDT with same infection. Tried the same list but Network Solutions admitted one hour ago that we should do nothing until they and WordPress fix the problems at their end first.

Very frustrating but that's life

By: Anna

Anna — Sat, 10 Apr 2010 20:50:56 +0000

WP security primers http://www.hosterware.com/wordpress-hosting/wordp...

By: Wordpress blogs getting HACKED! no fix as of yet? | Timani

Wordpress blogs getting HACKED! no fix as of yet? | Timani — Sat, 10 Apr 2010 19:14:05 +0000

[...] Hacked WordPress blogs cloaks search engines – Tech Cocktail [...]