- Joined
- Dec 13, 2006
- Messages
- 11,353
- Reaction score
- 3,179
Update your Wordpress Blog now.
AGD was hacked because of being .1 revision old. We had Version 2.8.1 and the latest is 2.8.2.
The hack seems to gain control through FTP and I won't tell you exactly how that happened. It was a vulnerability that let it happen, though.
The hack allowed a bot to be inserted which changed the index.php and index.html files throughout the website. It is a very back hack that is sweeping the web right now.
It inserts an iFrame into the site (luckily our pages were NOT working at all because the bot corrupted files when it ran). The iFrame contains dangerous links to websites and is used to gain access to more websites.
Regardless, it's fixed. All code is restored from a backup prior to the hack and vulnerabilities in Wordpress and vBulletin are fixed. Additionally, higher levels of security are installed and more monitoring will be done in the future.
What a fun weekend I have had
AGD was hacked because of being .1 revision old. We had Version 2.8.1 and the latest is 2.8.2.
The hack seems to gain control through FTP and I won't tell you exactly how that happened. It was a vulnerability that let it happen, though.
The hack allowed a bot to be inserted which changed the index.php and index.html files throughout the website. It is a very back hack that is sweeping the web right now.
It inserts an iFrame into the site (luckily our pages were NOT working at all because the bot corrupted files when it ran). The iFrame contains dangerous links to websites and is used to gain access to more websites.
Regardless, it's fixed. All code is restored from a backup prior to the hack and vulnerabilities in Wordpress and vBulletin are fixed. Additionally, higher levels of security are installed and more monitoring will be done in the future.
What a fun weekend I have had
Last edited: