Hacked again

Posted on November 30, 2007 by Howard Owens

This blog was hacked again … the same sort of injection hack as before. I found the primary offending file and removed it, but that isn’t a long-term fix. I’ll have to check this evening on whether there is yet another WordPress security fix and go through another upgrade process.

At least this time, I seem to have found the offending hidden text spam before Google did. I think.

Share on TwitterShare via email
This entry was posted in Uncategorized and tagged . Bookmark the permalink.
  • http://blog.kaizeku.com ChaosKaizer

    Sorry to hear that I did submit your site at google coz most of the spams link redirect to your
    website via your “/order?page=xxx”. Dont hate me, Yesterday all your site is full with spam post and suspicious activity so I send a report to google spam team, spamcop, xbl and various others site. I’m quite surprise that everything has change drasticaly by today’s.

    I did some search for this spams injector. Its actually a very old injection from via wordpress.net.in I suggest you banned the domain name and set allow_furl_open to false in your php settings. and removed the wordpress meta tag generator as this type of attack only target wordpress with specific versions.

    The backdoor src is probably inside class-mail.php, and inject inside default_filters.php to allowed the backdoor called.

  • http://www.velmont.net Odin/Velmont

    You are hacked again! Just like me!

    check /house/… You’ve got much sex-spam there.

  • http://www.velmont.net Odin/Velmont

    Btw, check your wordpress users-tab. Maybe the foul user is still as an administrator left there…

  • http://www.howardowens.com/ Howard Owens

    I checked that URL and see no spam there, hidden or otherwise.

  • http://www.velmont.net/ Odin / Velmont

    I guess you found it since you have put up a notice now :-)