Site hacked – please help.

  • Author
  • #1022436

    Hi there, my site has just been hacked.

    I’ve replaced the index.php with a WordPress reinstall and that worked to some extent but at the bottom of the site there seems to be a hackers tool kit.

    Here’s a screen shot can anybody please help? Desperate for suggestions.




    You did not specify a blog address or reason for posting when you created this topic.

    This support forum is for blogs hosted at If your question is about a self-hosted WordPress blog then you’ll find help at the forums.

    If you don’t understand the difference between and, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It’ll help people to answer your question.

    This is an automated message.



    I’ve replaced the index.php with a WordPress reinstal

    Means you need to make friends at WordPress.ORG see above for the links



    I use a password generator for every password I use. I also store them in a book. How could my account have been stolen? I did a little extra research and it seems like almost 60,000 accounts have been affected – Why are you covering up this obvious breach of security. I notice you have also removed this post from my wordpress site. Why not just admit it, it’s not the first time and I’m sure it won’t be the last, that’s just how it is on the internet sometimes but covering it up? That’s wrong.



    If you are referring to a site on (the site linked to your username is empty of content), no one is covering anything up. Did you search the forums first? There were a few posts from users a couple of days ago; all of which were replied to by Staff.



    Hi, thanks for the reply.
    I’m using an old account right now. So do you admit that almost 60,000 accounts were affected by these spam posts?
    Just about all of the pages listed in this google search are not found: so have been removed either by the wordpress user or by wordpress staff.
    Thank you



    Why would Jennifer “admit” anything? She’s not staff.\

    I know The Hacker News. They stole a paragraph of mine once. I don’t think much of them as a news source.



    Sorry Jennifer and I appreciate what you’re saying Raincoaster but regardless of their sources it’s not difficult to see the evidence for yourself. There are thousands upon thousands of wordpress pages with the text from the spam posts, none of them are available now so it’s pretty obvious thousands have been deleted in the past few days.

    The number of posts with this text according to google are dropping at the rate of a few thousand per day as the blogs are spidered by googlebot.

    My problem is wordpress are hiding the fact this has happened to thousands of people. Their servers should have picked up that the same post was being posted to numerous blogs in a short space of time and WordPress are being very quiet about this and treating each case as an individual matter.

    I had one of these posts on one of my blogs and it was mysteriously deleted. I also don’t buy that my password was taken from another website.


    My Blog has been hacked and there is no information where I can get help!!!!It has very personal material as my OWN PORTFOLIO!!Can some one tell me what can I do???Im literally going insane as there is no person or REAL support I can contact??!!



    For starters we need the URL of the blog that has been “hacked” to give you accurate advice

    In the mean time here is some general advice:

    The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.

    You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.

    Dashboard >> Users

    Many times a users email is hacked or the password guessed and the email account is used to get access by requesting a password reset – you need to change your email password and make sure they nobody has been added to your email account.

    You should also run a virus check on you PC to make sure your PC does not have a security issue that has compromised your email or WordPress.COM log-in information (also your bank etc. if you do online banking or retirement accounts)

    There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.


    hey guys!my blog has been hacked as I tried to log in and even the recovery email didnt work, so i cant change password. how can I get it back??and where do I need to contact?I googled and seemed to be companies that take money for helping wordpress bloggers but I really havent got money to spend on phone calls to US…


    My username is heidijohanna and I still got the email (email redacted), twitter heidiejohanna aswell but I cannot log in to my blog at wordpress in this situation what can I do?my computer is updated and virus protection running/scanned and I have changed all passwords to emai/twitter and even to my own laptop just in case.


    my email is (email redacted) and so far haven’t received notification to be able to change my password and cannot log in so I think someone hacked in.



    Look in the spam folder on your email. Sometimes these notices go there.



    I changed it now as it was in spam folder, thank you so much!!!xx

The topic ‘Site hacked – please help.’ is closed to new replies.