Hacked again

This blog was hacked again … the same sort of injection hack as before. I found the primary offending file and removed it, but that isn’t a long-term fix. I’ll have to check this evening on whether there is yet another WordPress security fix and go through another upgrade process.

At least this time, I seem to have found the offending hidden text spam before Google did. I think.

5 thoughts on “Hacked again

  1. Sorry to hear that I did submit your site at google coz most of the spams link redirect to your
    website via your “/order?page=xxx”. Dont hate me, Yesterday all your site is full with spam post and suspicious activity so I send a report to google spam team, spamcop, xbl and various others site. I’m quite surprise that everything has change drasticaly by today’s.

    I did some search for this spams injector. Its actually a very old injection from via wordpress.net.in I suggest you banned the domain name and set allow_furl_open to false in your php settings. and removed the wordpress meta tag generator as this type of attack only target wordpress with specific versions.

    The backdoor src is probably inside class-mail.php, and inject inside default_filters.php to allowed the backdoor called.

Leave a Reply