Thread: My blog has been hacked.

My blog Urwar.com has been hacked by people claiming to be Palestinians.

I guess it's time to update the blog to the newest version of wordpress. I believe the blog was using 2.2 wordpress. Has anyone tried wordpress 2.8 beta?

Hi,

Not Good I had to deal with that with my boss site that was a mess.

Hope everything goes well for you.

Sami

Terrible spelling.
Those Palestinians have a lot to answer for.
How can we be sure that your WTF account hasn't been hacked too?
I may need you to complete a small task to prove it's really you...

(please wait while I think of something fiendish)

Originally Posted by Sami4u

Hi,

Not Good I had to deal with that with my boss site that was a mess.

Hope everything goes well for you.

Sami

I have a back-up. :mellow-f:

The site isn't too important.

I'm hoping to flip it to some of the Taliban on DP. It's a premium domain as urawr is Urwar Kili in S. Waziristan, Pakistan. It's #1 for urwar with 1800 results :goofy:

Bogart added 5 Minutes and 7 Seconds later...

Originally Posted by CountryBoy

Terrible spelling.
Those Palestinians have a lot to answer for.
How can we be sure that your WTF account hasn't been hacked too?
I may need you to complete a small task to prove it's really you...

(please wait while I think of something fiendish)

Call me at this number +92 21 568 0111 :devlish:

Sorry to hear. That's why I like Blogger. I know everyone else is on WP, but Blogger means a few less things to think about.

hat a bunch of numties they are. Its a shame we have to protect ourselves from these types of hacks.

Too bad for you I hope you've been responsible to your blog. So better next time you should protect your site or blog.

Call me at this number +92 21 568 0111

Thats a pakistani number? WTF

Originally Posted by riderbabygurl

Too bad for you I hope you've been responsible to your blog. So better next time you should protect your site or blog.

The blog is something that I bought a couple of years ago and never really had the time to play with.

It looks like the hackers were able to upload around 250 mb of some garbage. I'm not sure what they are trying to do but for security reasons I terminated the account. Better to do a clean install with the latest version of wordpress. It's not worth the trouble to try and fix it. Also there's a risk that the hackers may start some type of illegal activity with the files that they have loaded.

I think while looking for a free blogging site, blogger should be one's right choice. Isn't it?

If your blog hucked try change your hosting.

Be sure to read Hardening WordPress « WordPress Codex to get very good options and ways to keep your blog secure.

Another thing I have found is WordPress › WP Security Scan « WordPress Plugins. I haven't tested it myself but it looks good enough to try. I would install a new wordpress on a completely different site, like a subdomain just to test it out to make sure it works without bugs then if it works as described then I would use it on your blog.

Originally Posted by andr114

If your blog hucked try change your hosting.

I just noticed your post and as a hosting company that runs a complete server, I can tell you that in over 90% of the time it is not the hosting companies fault as the client may have left files open and directories to 777 which allows hackers to access it easy. But, it is always a good idea to ask your host for suggestions to keep your site safe.

Having a hardened server helps

Sorry to hear this.Have you got your blog??

Originally Posted by weblover50

Sorry to hear this.Have you got your blog??

The blog was hacked two more times :blah:

I deleted everything and installed wordpress 2.8. The backup sql database must have been corrupt. It wouldn't upgrade. I tried forcing a upgrade as well using phpmyadmin and it wouldn't work as well. So, I had to reinstall the backup that is wordpress 2.3 and then load the database using phpmyadmin. There were a few errors but I fixed them.

Needless to say a few days it was hacked again. I reinstalled the backup and hacked again. This time they weren't able to put the Jihad hacker site up. I changed all the passwords.

I'm going to try another install of wordpress 2.8 and let's see if that does the trick.

Originally Posted by Bogart

The blog was hacked two more times :blah:

I deleted everything and installed wordpress 2.8. The backup sql database must have been corrupt. It wouldn't upgrade. I tried forcing a upgrade as well using phpmyadmin and it wouldn't work as well. So, I had to reinstall the backup that is wordpress 2.3 and then load the database using phpmyadmin. There were a few errors but I fixed them.

Needless to say a few days it was hacked again. I reinstalled the backup and hacked again. This time they weren't able to put the Jihad hacker site up. I changed all the passwords.

I'm going to try another install of wordpress 2.8 and let's see if that does the trick.

Hmm. Have you checked everything to make sure nothing is openly available as far as files/directories that aren't suppose to be open? If it continues, I would contact the hosting provider to get some help and for them to investigate it to see how they are getting in and what you can do to prevent it from happening. I know SQL injections are popular among the kiddies whom like to 'hack' *rolls eyes*. But like I said, check with your provider...I'm sure they would help.

there is a plugin automatic upgrade fro worpdress. Try to use it.

Originally Posted by Sarahlee

Hmm. Have you checked everything to make sure nothing is openly available as far as files/directories that aren't suppose to be open? If it continues, I would contact the hosting provider to get some help and for them to investigate it to see how they are getting in and what you can do to prevent it from happening. I know SQL injections are popular among the kiddies whom like to 'hack' *rolls eyes*. But like I said, check with your provider...I'm sure they would help.

I'll upgrade to wordpress 2.8 and see what happens.

The last 2 times the hackers weren't able to take over the site. It looks you are right about the SQL injections.

Bogart added 0 Minutes and 43 Seconds later...

Originally Posted by adiian

there is a plugin automatic upgrade fro worpdress. Try to use it.

What's the url for the plugin?

Wow. Hacked the second time around? Those hackers might be good. :O Good luck on everything buddy. Keep safe next time.

Originally Posted by Bogart

I'll upgrade to wordpress 2.8 and see what happens.

The last 2 times the hackers weren't able to take over the site. It looks you are right about the SQL injections.

Thats good they couldn't take over the site. Yep, many of them use SQL injections which my husband had to deal with a few times. He actually went into phpmyadmin and found them himself and took them out. Really nothing to major but should be fixed though of course.

I hope that they don't do this to ya again, good luck

Originally Posted by Sarahlee

Thats good they couldn't take over the site. Yep, many of them use SQL injections which my husband had to deal with a few times. He actually went into phpmyadmin and found them himself and took them out. Really nothing to major but should be fixed though of course.

I hope that they don't do this to ya again, good luck

Before I update the wordpress to a newer version, I'm going to try something.

I will remove drop tables from the database user account permissions. That's one less way for sql injection crack the password.

It's also a good idea to have multiple backups to the sql database just in case the back-up was corrupted in the download.

I good idea is to use a Scheduled Backup plugin that will email the database to you. Here is the link to the one that I am using:

http://www.ilfilosofo.com/blog/wp-db-backup

too bad, one of my friend blog is also hacked...she's very upset for blogging is on of her hobbies. tsk tsk... why this people do such thing. :annoyed:

Removing the drop tables from the database user account permissions didn't work.

The hackers installed a sql database and illegal content.

I just got an email form my webhost support that they are seeing are suspicious contents inside which is not allowed in their Hosting.

1) I deleted the site and have asked them how to improve the security.
2) I still want to know what's going on. So I'm planning to install a clean copy of wordpress 2.8 with a blank sql database to see if that is hacked as well?

Originally Posted by Bogart

Removing the drop tables from the database user account permissions didn't work.

The hackers installed a sql database and illegal content.

I just got an email form my webhost support that they are seeing are suspicious contents inside which is not allowed in their Hosting.

1) I deleted the site and have asked them how to improve the security.
2) I still want to know what's going on. So I'm planning to install a clean copy of wordpress 2.8 with a blank sql database to see if that is hacked as well?

Odd. I would think that installing a fresh version of the most up to date release of wordpress might work. I would also look into seeing if anyone else on the server that you are on is having the issue, then it may be that the server is not hardened like it should be and I'd switch.

Try to change your hosting.

Originally Posted by Sarahlee

Odd. I would think that installing a fresh version of the most up to date release of wordpress might work. I would also look into seeing if anyone else on the server that you are on is having the issue, then it may be that the server is not hardened like it should be and I'd switch.

I still had wordpress 2.3 running. :embarassed-f:

I just completed a new install of wordpress 2.8. Let's see if that does the trick.

Oh, that's very sad..I thought you can secure your own blog? But why it was happened to you?

Originally Posted by charisse090

Oh, that's very sad..I thought you can secure your own blog? But why it was happened to you?

It's a case of spreading yourself too thin. The blog in question is little used so I hadn't dedicated the time to updating it.

It's really important that you keep your wordpress up to date. The hackers had put some illegal content on the site and my host was complaining about it. They seem to beleive that it was the out of date wordpress that was the problem. I seem to agree as other sites on the same host don't have any problems.

Hopefully, the upgrade to wordpress 2.8 will solve the problem.

Btw, it's against the rules to put links under your posts like that.

Originally Posted by andr114

Try to change your hosting.

You have the right idea. A few days ago another site was hacked that was running a clean install of wordpress 2.8. There's also an image script on the site but I don't see how the script was hacked. Considering that the wordpress sql database was hacked. :annoyed:

sorry for it. have u got it back?

Originally Posted by shoaibakhtarkhan

sorry for it. have u got it back?

I have a back-up but the host suspended the domain.

I believe that they have a security issue with sql databases and are trying to play it off.

The 1st site that was hacked was wordpress 2.3 and the response was "out of date" software. However, the 2nd site was running wordpress 2.8. :annoyed:

The webhost is just playing stupid. I'm thinking that it could be someone that has an account on the same server and is hacking sql databases?

Hi,

Just a little lost here other then being quite a nuncence. What would be the reason for hacking the site?

:flower:

Sami

Originally Posted by Sami4u

Hi,

Just a little lost here other then being quite a nuncence. What would be the reason for hacking the site?

:flower:

Sami

I believe that is was a sql injection into the wordpress database. The hackers either like to spam the site with viagara links or put up phishing pages.

Too bad that your blog was hacked. But what did they do after hacking it. Did they destroy your contents and Password or somethin more serious they did.

Hmm find a better and more secured host, upgrade to the newest version of word press are the best advices..

Originally Posted by blue

Too bad that your blog was hacked. But what did they do after hacking it. Did they destroy your contents and Password or somethin more serious they did.

They destroyed the contents and password and some more serious stuff as well :irritated:

Bogart added 2 Minutes and 52 Seconds later...

Originally Posted by Elder

Hmm find a better and more secured host, upgrade to the newest version of word press are the best advices..

The site was using wordpress 2.8

I believe that there's an issue with the host.

The first and second domain were on same account? or you have reseller account for every diff domain?

Originally Posted by i13

The first and second domain were on same account? or you have reseller account for every diff domain?

I had the domains on seperate cpanel accounts but using the same reseller account (server).

Naah they can't access it then. May be you're right ..... something with the host.

8/10 it's always your host. insecure setups are a major security hole.