May 19
website was hacked
Due to an old version of wordpress, our website was hacked this morning by Q8 and Killer Hack. Looks like I need to bite the bullet and upgrade the wordpress install on here. Doing so may make us lose some features that I’ve added to the theme over time – heck it will likely break the website altogether! Whatever the case, I will need to take the website offline to fix it. I will leave the gallery up, but the blog will be down. If anyone is curious, the hacker used this IP – 80.54.200.2 – to access the site. They used some kind of exploit on my wordpress version to change my 404.php page to be this:
This basically gave them a file editor and complete control (as if they had ftp access) to the website. With it, they browsed folders and upload/overwrote the main index file on this, and other websites I have hosted on this account. It was replaced with this:
I believe this is the same way/reason our site is providing popup spam. I haven’t located that yet, but I’ve looked a good deal. Because of all this, PaulandEmily.com will be briefly going offline for an overhaul. Probably really needed to anyway. May get a new theme while I’m at it.
May 19th, 2008 at 5:38 pm
you may be surprised that your theme isn’t affected when you upgrade, just back up obviously 🙂
May 19th, 2008 at 6:16 pm
Man, that sucks you got hacked, but glad it didn’t take you too long to do the upgrade and get back online. I agree – the 2.5x admin interface does take some getting used to.