Spam link insertion hack | ww.wp.xz.cn

Miha Petelin
(@mipe)

15 years, 3 months ago

Hello,

I run a few blogs and some of them have been compromised by hackers. I discovered foreign links within my articles as well as the sidebar, typically cialis and pill links.

I already have removed those foreign links and changed passwords (mysql, cpanel etc.), however I cannot help but wonder how did they get through. From what I’ve observed, they haven’t actually gained access to WordPress; they altered the database directly. Template and WordPress files were left unchanged. In some cases, links were inserted into <img> tags, thus breaking them, which leads me to believe that links were inserted into post_content data randomly.

I have searched, however I am not sure what search terms to use; most results are ambigious.

I would appreciate advice on how to protect my blogs from these attacks; or at least proper search terms that I can use.

Thank you,
M.

Viewing 2 replies - 1 through 2 (of 2 total)

Samuel B
(@samboll)

15 years, 3 months ago

http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

http://ottopress.com/2009/hacked-wordpress-backdoors/

http://codex.ww.wp.xz.cn/FAQ_My_site_was_hacked

http://codex.ww.wp.xz.cn/Hardening_WordPress

Thread Starter Miha Petelin
(@mipe)

15 years, 3 months ago

Looks like there was an obfuscated backdoor in the database after all. I’ll have to ramp the security up a bit more after dealing with those backdoors. Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Spam link insertion hack’ is closed to new replies.

In: Fixing WordPress
2 replies
2 participants
Last reply from: Miha Petelin
Last activity: 15 years, 3 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics