Stuntdubl Marketing Consulting hacked – SEOs a target
January 15th, 2007 by Jason Roe. Post is filed under Jason Roe, Marketing, Web Design & Development.
Looks like a well-known marketing consultant's site has been hacked. Be warned! The hacker redirected all of Stuntdubl's feeds to his own WordPress blog (which has offensive language). Full list of sites hacked!
To quote the hacker's WordPress blog:
Anyways, I just started the first hacking crusade… The easy targets (Wordpress blogs with register_globals=on) using a custom PHP script based on this code
The quick fix is to disable trackbacks and rename the wp-trackback.php file until the patch has been issued by WordPress (More info on how to upgrade). This is kinda similar to my other post about WordPress security.
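For anyone with many installs to check, here is an added example (not from the original post and not WordPress's own tooling) that reports each install's version and whether wp-trackback.php is still reachable, and applies the rename quick fix described above. It assumes 2.0.7 is the fixed release, as the wordpress.org link in the comments indicates; the function names and the `.disabled` suffix are hypothetical choices.

```shell
#!/bin/sh
# Added example, not from the original post. FIXED and the ".disabled" suffix are assumptions.
FIXED="2.0.7"

# Print $wp_version as declared in <install>/wp-includes/version.php (empty if unreadable).
wp_version() {
    sed -n "s/^[[:space:]]*[\$]wp_version[[:space:]]*=[[:space:]]*['\"]\([^'\"]*\)['\"].*/\1/p" \
        "$1/wp-includes/version.php" 2>/dev/null | head -n 1
}

# Exit 0 if dotted version $1 is older than $2 (suffixes such as "-beta" are ignored).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# One line per install found under $1:
#   <dir> <version> <patched|outdated> trackback:<exposed|disabled>
# An install whose version cannot be read is treated as outdated.
audit_webroot() {
    find "$1" -type f -path '*/wp-includes/version.php' 2>/dev/null | sort |
    while IFS= read -r vf; do
        dir=${vf%/wp-includes/version.php}
        ver=$(wp_version "$dir")
        if version_lt "${ver:-0}" "$FIXED"; then state=outdated; else state=patched; fi
        if [ -f "$dir/wp-trackback.php" ]; then tb=exposed; else tb=disabled; fi
        printf '%s %s %s trackback:%s\n' "$dir" "${ver:-unknown}" "$state" "$tb"
    done
}

# The quick fix for one install: rename wp-trackback.php so it can no longer be requested.
disable_trackback() {
    [ -f "$1/wp-trackback.php" ] || return 0
    mv -- "$1/wp-trackback.php" "$1/wp-trackback.php.disabled"
}

# Usage: sh wp-audit.sh /var/www   (report only; call disable_trackback per outdated install)
if [ "$#" -gt 0 ]; then audit_webroot "$1"; fi
```

Renaming only removes the trackback entry point; installs reported as outdated still need the upgrade.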

January 15th, 2007 at 11:35 pm
Thanks for the heads up on WP release.
Geez, there goes my early night clocking off…got a load of sites to update because of this.
January 15th, 2007 at 11:38 pm
No probs .. I'm in the same boat!
January 16th, 2007 at 12:28 am
According to WordPress.org, the entire set of files do not need to be replaced.
http://wordpress.org/development/2007/01/wordpress-207/
January 16th, 2007 at 12:31 am
Oops. That’s a “maybe”:
http://wordpress.org/support/topic/100762?replies=3#post-498952
January 16th, 2007 at 12:32 am
Here is the list of files that have changed since 2.0.6:
* wp-admin/inline-uploading.php
* wp-admin/post.php
* wp-includes/classes.php
* wp-includes/functions.php
* wp-settings.php
* wp-includes/version.php
But if you're not on 2.0.6 it may be better to do a full update.
January 16th, 2007 at 12:38 am
Yep. Hard to tell from the WordPress support link above what version she was upgrading *from*, so if the few-files approach doesn’t work (and I sincerely hope it does), do a full upgrade.
January 16th, 2007 at 7:03 am
Greywolf has also been hacked.
Well done on the find Jason.
January 16th, 2007 at 7:12 am
Lots of attention with this one:
http://www.threadwatch.org/node/11333
Seems many sites got hit.
January 16th, 2007 at 8:20 am
[...] Have a look at Jason’s blog for some of the background info. [...]
January 16th, 2007 at 10:07 am
[...] Well it looks like everyone is just about online again after the phantom SEO hacker blitz. I have been hearing some insane conspiracy theories banging about. They all seem to revolve around the theory that, I was one of the first sites to report and link to the hacker’s site, so I must have done this all as a PR stunt! WRONG! [...]
January 16th, 2007 at 12:50 pm
[...] [EDIT] I see that the hacker may have been using an exploit similar to one found by Jason Roe recently. Well done Jason on your find. [...]
January 16th, 2007 at 5:43 pm
[...] Recently some SEO and SEM blogs were hacked (Wolf Howl, BoogyBonBon and Stuntdubl). The hacker took advantage of a WordPress security hole for this purpose. [...]
January 17th, 2007 at 7:06 am
[...] The attack was based on a script released recently that attacks WordPress blogs through a flaw in the PHP core. I’m not sure I’d do the best job explaining the flaw so I’ll direct you to the words of Jason Roe who does a good job explaining the attack on this Threadwatch post. The discussion is alive on the thread so you may want to read it from the top. [...]
January 17th, 2007 at 5:47 pm
I stayed out of this one but I have to say it was quite funny seeing so many people freaking out and thinking you were responsible.