Site hacked – please help.

  • Author
    Posts
  • #1022436

    Hi there, my site has just been hacked.

    I’ve replaced the index.php with a WordPress reinstall and that worked to some extent but at the bottom of the site there seems to be a hackers tool kit.

    Here’s a screen shot can anybody please help? Desperate for suggestions.

    Thanks.

    #1022527

    supportbot
    Member

    You did not specify a blog address or reason for posting when you created this topic.

    This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you’ll find help at the WordPress.org forums.

    If you don’t understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It’ll help people to answer your question.

    This is an automated message.

    #1022547

    auxclass
    Member

    I’ve replaced the index.php with a WordPress reinstal

    Means you need to make friends at WordPress.ORG see above for the links

    #1022732

    philmeds
    Member

    I use a password generator for every password I use. I also store them in a book. How could my account have been stolen? I did a little extra research and it seems like almost 60,000 xxx.wordpress.com accounts have been affected – http://thehackernews.com/2012/10/15000-wordpress-blogs-hacked-for-making.html#sthash.GmgTqIzr.dpbs. Why are you covering up this obvious breach of security. I notice you have also removed this post from my wordpress site. Why not just admit it, it’s not the first time and I’m sure it won’t be the last, that’s just how it is on the internet sometimes but covering it up? That’s wrong.

    #1022733

    justjennifer
    Moderator

    If you are referring to a site on WordPress.com (the site linked to your username is empty of content), no one is covering anything up. Did you search the forums first? There were a few posts from users a couple of days ago; all of which were replied to by Staff.

    #1022734

    philmeds
    Member

    Hi, thanks for the reply.
    I’m using an old account right now. So do you admit that almost 60,000 _____.wordpress.com accounts were affected by these spam posts?
    Just about all of the pages listed in this google search are not found: http://bit.ly/QuYe2B so have been removed either by the wordpress user or by wordpress staff.
    Thank you

    #1022735

    raincoaster
    Member

    Why would Jennifer “admit” anything? She’s not staff.\

    I know The Hacker News. They stole a paragraph of mine once. I don’t think much of them as a news source.

    #1022736

    philmeds
    Member

    Sorry Jennifer and I appreciate what you’re saying Raincoaster but regardless of their sources it’s not difficult to see the evidence for yourself. There are thousands upon thousands of wordpress pages with the text from the spam posts, none of them are available now so it’s pretty obvious thousands have been deleted in the past few days.

    The number of posts with this text according to google are dropping at the rate of a few thousand per day as the blogs are spidered by googlebot.

    My problem is wordpress are hiding the fact this has happened to thousands of people. Their servers should have picked up that the same post was being posted to numerous blogs in a short space of time and WordPress are being very quiet about this and treating each case as an individual matter.

    I had one of these posts on one of my blogs and it was mysteriously deleted. I also don’t buy that my password was taken from another website.

    #1022737

    My Blog has been hacked and there is no information where I can get help!!!!It has very personal material as my OWN PORTFOLIO!!Can some one tell me what can I do???Im literally going insane as there is no person or REAL support I can contact??!!

    #1022738

    auxclass
    Member

    For starters we need the URL of the blog that has been “hacked” to give you accurate advice

    In the mean time here is some general advice:

    The only “hacked” sites I have seen here have been people getting the password somehow to a site so you do want to be careful how you log in and use a tough password.

    You should also check to make sure that someone has not added a new user to your site. Problems have also happened when there was more than one Admin. and an Admin left on less than graceful terms.

    Dashboard >> Users

    Many times a users email is hacked or the password guessed and the email account is used to get access by requesting a password reset – you need to change your email password and make sure they nobody has been added to your email account.

    You should also run a virus check on you PC to make sure your PC does not have a security issue that has compromised your email or WordPress.COM log-in information (also your bank etc. if you do online banking or retirement accounts)

    There have also been a few Posts on “hacked” sites and it was because someone got the Post by Email address and using the Post by Email to send in new Posts, if you have Post by email disable the Post by Email and regenerate the address. Spammers have scripts the generate email addresses and they sometimes can get a valid address for a Post by Email address.

    #1022739

    hey guys!my blog http://shoprightnow.wordpress.com has been hacked as I tried to log in and even the recovery email didnt work, so i cant change password. how can I get it back??and where do I need to contact?I googled and seemed to be companies that take money for helping wordpress bloggers but I really havent got money to spend on phone calls to US…

    #1022740

    My username is heidijohanna and I still got the email (email redacted), twitter heidiejohanna aswell but I cannot log in to my blog at wordpress http://shoprightnow.wordpress.com.So in this situation what can I do?my computer is updated and virus protection running/scanned and I have changed all passwords to emai/twitter and even to my own laptop just in case.

    #1022741

    my email is (email redacted) and so far haven’t received notification to be able to change my password and cannot log in so I think someone hacked in.

    #1022742

    raincoaster
    Member

    Look in the spam folder on your email. Sometimes these notices go there.

    #1022743

    yamyamer
    Member

    I changed it now as it was in spam folder, thank you so much!!!xx

The topic ‘Site hacked – please help.’ is closed to new replies.