Hacker alert: few blogs with wordpress 2.0.4 got hacked
 

So I was just about to update a few blogs and noticed that they were hacked....

It appears he only changed the title in them to let me know, but here is a warning to anyone else using wordpress 2.0.4...

this is what he put as a title "Hacked By Piratesgs[Turkish Hacker]"


http://www.google.ca/search?hl=en&q=...e+Search&meta=

that's why I don't use wordpress :)

How do they do it? Any why is Wordpress so vulnerable?

Damn, I'm sorry to hear that...

Stop using software in general if you are afraid for vulnerabilities

Go and check out the change logs and you can find a way.

Wordpress is open source. Everyone can take a look at the code. You could say that Wordpress is safer thanks to this. But this is an example of when things go wrong. Always update your blogsoftware is my advice :thumbsup

you may want to blow out the wp folder and reinstall.. while it may seem like they only changed the title, they could have dropped in some additional php code/files that could be used as proxies, server controlling functions, etc


Fight the slash and burn!

prob cause they didnt delete the install and setup files

It's not about being afraid of vulnerabilities, it's about not using software with a bad track record.

I assure you this was deleted. :thumbsup

Here is the deal:

Wordpress has had many versions since 2.0.0 - almost every one of them had at least some sort of security patch or correction in it. You don't have to be the worlds brightest hacker to take a newer version, compare it to the older version, and see where the code changes have happened. The code is all out there in public and not encoded in any manner.

2.0.4 is old - something like 10 versions ago (now 2.2.0). Keep it up to date, and the issues are small.