
Post: Website hacked

Yesterday, this site was unreachable for a few hours, and instead redirected to some random (seemingly legitimate) blog on Blogspot. Apparently, someone was able to hack this website, and replaced the index.php at http://jw.x10hosting.com/blog/ and the index.html at http://jw.x10hosting.com/ with a modified one. As soon as I noticed, I logged in on the FTP server and resurrected the old files. It seems no further damage was done, no files were corrupted and no data was damaged.

I suspect the hacker used an exploit in WordPress, since I was still running WordPress 2.0.2. I never bothered to upgrade; I used to think: “Who’s gonna take the time to hack this little blog anyway?” However, which version of WordPress you’re running is freely visible in the <meta> tags in the HTML code, and apparently someone out there is searching for blogs running an older version of WordPress. Therefore, since yesterday, this blog is running WordPress 2.0.11.

I learned my lesson.

Update: Apparently, someone else suffered from the same attack, even though he wasn’t running WordPress. Probably, this problem wasn’t related to me running an older version of WordPress, but was rather due to some bug in the server software.

Update 2 (December 17th, 2007): Apparently, I didn’t learn my lesson well enough: the hacker struck again. When he hacked my blog last time, I forgot to change my password afterwards. The hacker apparently got the MD5 hash of my password, so he was able to get my password and attack again. Luckily, he didn’t cause any damage this time. This time, I’m more seriously investigating the issue.
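
A self-check for the version disclosure described in the post, as an added example that is not part of the original post: it scans HTML you supply for generator <meta> tags and flags any disclosed version older than a minimum you pass in. The sample page, the class and the function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Constructed sample page, not a capture of the real site.
SAMPLE = """<html><head>
<title>Blog</title>
<META NAME="Generator" content="WordPress 2.0.2" />
</head><body></body></html>"""


class GeneratorFinder(HTMLParser):
    """Collects the content of every <meta name="generator"> tag."""

    def __init__(self):
        super().__init__()
        self.generators = []

    def handle_starttag(self, tag, attrs):
        if tag != "meta":
            return
        # HTMLParser lowercases tag and attribute names; values may be None.
        a = {k: (v or "") for k, v in attrs}
        if a.get("name", "").strip().lower() == "generator":
            self.generators.append(a.get("content", "").strip())


def parse_version(text):
    """'2.0.11' -> (2, 0, 11). As strings, '2.0.11' sorts before '2.0.2'."""
    return tuple(int(part) for part in text.split("."))


def audit(html, minimum):
    """Return one finding per generator tag: product, version, outdated."""
    finder = GeneratorFinder()
    finder.feed(html)
    findings = []
    for content in finder.generators:
        m = re.match(r"(.*?)\s*(\d+(?:\.\d+)*)\s*$", content)
        product, version = (m.group(1), m.group(2)) if m else (content, None)
        outdated = (version is not None
                    and parse_version(version) < parse_version(minimum))
        findings.append(
            {"product": product, "version": version, "outdated": outdated})
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, minimum="2.0.11"):
        print(finding)
```
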

The trackback URI of this post is http://jw.x10hosting.com/blog/2007/09/09/website-hacked/trackback/
