19th May 2008

website was hacked

Due to an old version of wordpress, our website was hacked this morning by Q8 and Killer Hack. Looks like I need to bite the bullet and upgrade the wordpress install on here. Doing so may make us lose some features that I’ve added to the theme over time - heck it will likely break the website altogether!  Whatever the case, I will need to take the website offline to fix it.  I will leave the gallery up, but the blog will be down.  If anyone is curious, the hacker used this IP - 80.54.200.2 - to access the site.  They used some kind of exploit on my wordpress version to change my 404.php page to be this:


click to enlarge

This basically gave them a file editor and complete control (as if they had ftp access) to the website.  With it, they browsed folders and upload/overwrote the main index file on this, and other websites I have hosted on this account. It was replaced with this:


click to enlarge

I believe this is the same way/reason our site is providing popup spam.  I haven’t located that yet, but I’ve looked a good deal.  Because of all this, PaulandEmily.com will be briefly going offline for an overhaul.  Probably really needed to anyway.  May get a new theme while I’m at it.

This entry was posted on Monday, May 19th, 2008 at 3:39 pm and is filed under Computers and Electronics, General, Grrr, really..?!. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “website was hacked”

  1. May 19th, 2008 at 5:38 pm Daniel Says:

    you may be surprised that your theme isn’t affected when you upgrade, just back up obviously :)

  2. May 19th, 2008 at 6:16 pm Chris Says:

    Man, that sucks you got hacked, but glad it didn’t take you too long to do the upgrade and get back online. I agree - the 2.5x admin interface does take some getting used to.

Leave a Reply