PLEASE HELP URGENT – My site has been hacked!!!

  • Resolved bullopill

    (@bullopill)


    13 years, 7 months ago

    Hi

    I found out earlier today that my site has been hacked in the last 3 days or so.

    They changed my password but I have managed to change that using myphp
    I am VERY new to site building or anything like that. Changing my password was very hard work to me. I am desperate for some guidance.

    My site is https://www.bullopill.com
    There is some kind of hacking message when you go there. I did a scan using https://sitecheck.sucuri.net/scanner/ and it says there’s no malware.

    What do i do next? I have no idea what im looking for or where to find it and googling the problem is giving me conflicting and confusing advice.

    Some people say back up and reinstall? I have NO IDEA how to do this. And if i back it up and reinstall surely i still have to find whatever’s causing the problem? I know it’s awful but I havent done a recent pre-hack backup as I dont know how to do one.

    If you can help me please be gentle with me and explain all steps in detail as I am a bit overwhelmed!!!

    Thank you – Im really panicked!!

    Pippa

Viewing 6 replies - 1 through 6 (of 6 total)

  • Only you and/or (maybe) your hosts can fix this.

    review:

    https://codex.www.ads-software.com/FAQ_My_site_was_hacked
    https://www.ads-software.com/support/topic/268083#post-1065779
    https://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    https://ottopress.com/2009/hacked-wordpress-backdoors/
    https://codex.www.ads-software.com/Hardening_WordPress

    first find how they hack you! was timthumb.php vulnerability ?

    Thread Starter bullopill

    (@bullopill)

    Hi – thank you both of you for the quick repsonses

    David_m: Im afraid I dont understand what timthumb.php vulnerability is… how do i find that out?

    Secondly… Kmessinger: I have read most of these articles already and have found them daunting. i dont really know where to start. i have contacted my webhosting people to ask if the site can be restored to a previous point in time – would that fix the problem?

    Also… how do i back up my site? i have no idea how to do this and no idea how to then reinstall wordpress without losing my site completely.

    again – all help appreciated… thank you!

    They most likely didn’t hack your WordPress install I’ve seen these boys before they hack Shared Hosting Accounts I.E. Your Tucows provider and they place a HTML, or PHP file in your directory that takes precedence over your other files.

    You can search it out and attempt to find and delete that file, if that’s the case run hard and fast away from Tucows hosting.

    Now if they hacked your WP install it’s most likely an SQL injection because of a badly developed plugin, so you’ll have to search through your database looking for the Javascript code thats being executed.

    Update: I just did a quick test, I don’t think its an SQL inject its most likely they hacked your hosting provider and inserted the HTML file, that is these guys M.O.

    So now the question is how to fix it, well I’ve gave you an overview of how to fix it but you said your extremely new to all of this so I’m a kind person and if you want you can email me at [email protected] with your hosting account login details, or setup a temp user/pass on your hosting account and let me access the database and file folders of your WP install so I can go over and see if I can fix it for you but you may not want to do that for security reasons considering you just got hacked, its hard to trust someone, especially when I ask for such important information like access to your files.

    But the choice is yours, you can try to search what I posted above or take the risk and I’ll be happy to go through and have a look for you.

    Fixed the issue, the hackers just changed there themes index.php file, definitely looks like a security issue with your hosting provider.

    Thread Starter bullopill

    (@bullopill)

    Huge thanks and smiles all round!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘PLEASE HELP URGENT – My site has been hacked!!!’ is closed to new replies.

Tags