View Single Post
Old 07-22-2013, 10:36 AM  
Tittytweaker
Confirmed User
 
Tittytweaker's Avatar
 
Industry Role:
Join Date: Dec 2012
Posts: 184
Wordpress Blackhole Exploit?

Just got hit with this yesterday evening.

AVG alerted me when I visited my site. A bit of code was inserted into the header.php file of every theme I had installed. I removed that chunk of code, and checked my site again. That time, a different warning popped up about a javascript that I had installed (which had been working just fine for many months). I removed that javascipt file and that seemed to fix the problem.

File permissions don't seem to have been changed, and to be safe I changed all of my passwords.

How did this happen? I thought I had WP locked down pretty well, so how did they manage to edit files on my server? Was this done at random in some sort of mass attack, or could it have been a single person doing this maliciously?

Could someone explain to me the basics behind this attack and maybe give me some security tips I may not have thought of yet?

Thanks in advance,
~TT
__________________
www.tittytweaker.com
Tittytweaker is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook