WordPress 3.5.1 site hacked

  • Resolved xeroxss

    (@xeroxss)


    11 years, 8 months ago

    I just recently checked my WordPress site which is running for over 4 years now and constantly updated the latest WordPress version I’m using is 3.5.1 unfortunately it has been hacked. I checked on the logs and and it happened on the 21st of March(just recently), when my traffic as shown in my analytics also peaked. See the screen shot.
    https://www.eg-designstudio.com/images/wordpress-hack.png

    If you may noticed there are 4 listed administrator 2 being my personal accounts and a 3rd showing without any name but marked with Administrator role. The other one is hidden but its linked to the 3rd account. If you delete the 3rd account the hidden administrator will also be deleted.

    Is there any known vulnerabilities with WordPress 3.5.1?. I suspect that they were not able to hack the wordpress directly but go through the instance of my Project Pier installation, which has been hacked as well.

    Anyway as part of the clue left behind on some of my PHP scripts appended on all of my index.php files I’m attaching here the code:

    [code removed - please don't post it here]

    If anyone have the same experience please let me know on how to prevent it from happening in the future, and yeah I'm keeping a regular backup of my site though it is not being updated regularly so restoration is not a too painful experience.

    Cheers!

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WordPress 3.5.1 site hacked’ is closed to new replies.