blog.species5618.net » I got Hacked http://blog.species5618.net The time has come to VENT my anger on the world Mon, 11 Jul 2011 14:56:51 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 I got Hacked http://blog.species5618.net/2009/02/10/i-got-hacked/ http://blog.species5618.net/2009/02/10/i-got-hacked/#comments Tue, 10 Feb 2009 16:43:29 +0000 Species5618 http://blog.species5618.net/?p=375 Well this is one very embarrassing day. Given my day job :-(

The brand new WordPress 2.7 instance I setup for my wife, got hacked
Still not sure how, the access logs are not very conclusive, but someone managed to edit every header.php file under the themes folder and inject a trojan “exploit-iframe.gen.c”

I found a similar story hear. http://photocritic.org/wordpress-exploit-iframe-gen-c/

Yes, I admit I allowed apache write access to the themes folder. which i have now fixed

The Code also included a refernce to “search_bot111″

The searchbot code seems to be a bit of PHP?? to hide the site/trojan from search engines

needless to say i am VERY annoyed

]]> http://blog.species5618.net/2009/02/10/i-got-hacked/feed/ 2