WordPress Breach

  • My site, thelonetree.org , has been breached. An opposing rival has become jealous of my intelligence on the web and has chose to breach my site. He has decided to tease me by placing a small black face on the bottom of my page, near the footer. I wish to know how he did this, and how it can be removed. He did not use the source code for I am on a computer he does not have access to, my personal computer. This as come up before at my other post, however it went away. Yet now it is back. I need this issue solved before I have to go to other “sources”. (Just checked page source and found nothing) (Be aware that it comes and goes, which is making me insanely mad!)

Viewing 7 replies - 1 through 7 (of 7 total)

  • For you, maybe, but it is not there for me to see, so I tend to agree with esmi in your original post: the computer you are looking at things from is the problem, not the web site.

    I see you have posted again on this, so I’ll leave it at this.

    so…. you’re seeing a smiley face in the footer? Does it look like this?

    www.thelonetree.org/wp-content/plugins/jetpack/_inc/images/stats-smiley.gif

    Yeah. Here you go. Here’s your last cached home page at Google (May 9, 2014 13:17:58 GMT):

    https://webcache.googleusercontent.com/search?biw=1680&bih=923&sclient=psy-ab&q=cache%3Athelonetree.org+&oq=cache%3Athelonetree.org+&gs_l=hp.3..0l4.1650.4054.0.4259.7.7.0.0.0.0.219.873.0j4j1.5.0....2...1c.1.43.psy-ab..2.5.824.DhovWeU2Ueg&pbx=1

    Notice the black smiley face in the footer on the cached page. Here’s the source for the image on the cached page: <img alt="" src="https://stats.wordpress.com/g.gif?host=webcache.googleusercontent.com&rand=0.3653437604134473&v=ext&j=1%3A2.9.3&blog=63561127&post=12&tz=0&ref=" id="wpstats">

    It’s from Jetpack….just find the setting and turn it off..

    Thread Starter TheB741

    (@theb741)

    Thank you so much ClaytonJames! I assume clearing the cache of my site would fix te probelm, however how did my enemy do this?

    I seriously doubt (based just on what I see) there is any ‘hacking’ involved. The smiley face is evidence of the use – or uniformed misuse – of the wp-stats feature included in the jetpack plugin, or other wp-stats script.

    The worse case scenario I envision happening here, is that you gave someone administrative access to your site and they turned a wp-stats plugin on or off -or- changed the visibility of the smiley through a simple edit of a css file. It’s more likely that a little research and experimentation with the available documentation for wp-stats would
    assuage your hacking fears.

    wp-stats, jetpack, wp-stats smiley face, and any of many other variations of that query are both abundant, and easily searchable here in the forums and – if you prefer – on Google.

    I really don’t think you have any issues of nefarious intent present surrounding that smiley face.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Please do not create duplicate topics.

    https://www.ads-software.com/support/topic/website-hackbreach?replies=6

    Closing this one, continue there as needed.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘WordPress Breach’ is closed to new replies.