Hacker [email protected]

  • This morning I had to do something on my blog and I couldn’t login nor would my password arrive so instead I had to reset my password manually via phpMyAdmin. Once in there I noticed that the admin email had been changed to [email protected], so I did a google search and found the same email [email protected] has been responsible for alot of internet site hacking.

    How can I prevent this from happening on my blog again, as far as I can see nothing has been changed but the fact remains that if its been done once it could be done again and again. Is there some kind of firewall or some kind of way I can check I.P’s of people who logged into my blog via admin and the password he created?

Viewing 4 replies - 1 through 4 (of 4 total)

  • I think more importantly you need to find how he was able to change these details on your account…

    Check your access logs etc…

    It could any number of things, from an unsecure plugin, to an unsecure host… or an easily guessable password…

    Change your passwords, as a matter of precaution, making sure no less then 8 characters, a mixture of numbers and both upper and lowercase letters..

    Check you server for any extra files… if you have any 777 permission folders, check these first for extra files that shouldn’t be there…

    Also, Im not sure what precipitated your “re-launch”, however I located a cached page on your site from Feb 09 that indicated you were running 2.6.3 at that time —

    While its evident since your last post was just this month, that that e-mail address was recently changed, the fact that were running 2.6.3 just last month suggests that might have been the original problem.

    Im not saying thats a sure thing, just that its worth considering, thats all. This is the other reason why I am so damn bitchy when people dont upgrade — it makes it nearly impossible to even guess at what the problem might be since we cant rule out the older version being the source of a security issue.

    In any case, the advice above is excellent. Make sure to change the passwd that wordpress is using to access your MySQL db and dont forget to update your wp-config.php afterward.

    you also have a vbulletin install on that site, v. 3.7.3

    3.7.4 was released back in Nov 08, and im pretty confident it included security fixes. In fact, vbulletin is at 3.8.1 right now, well past what you are using.

    again, we’re back on the “staying current with our software” thing.

    here ya go:

    https://www.google.com/search?hl=en&q=mr5%40hotmail.com+vbulletin&btnG=Search

    Thread Starter radiotronpodcast

    (@radiotronpodcast)

    i have 3 vbulletin installs and they are all 3.8 actually…

Viewing 4 replies - 1 through 4 (of 4 total)