Here is the vulnerability, it was on the DB side I think. http://wiki.mediatemple.net/w/WordPress_Redirect_Exploit
<http://wiki.mediatemple.net/w/WordPress_Redirect_Exploit>Nate On Tue, Aug 17, 2010 at 1:49 PM, Allen <[email protected]> wrote: > My sites have been hacked so many times, the hackers send me a monthly > check. > > I believe the latest round of hacks is direct sql attacks - not sql > injection but somehow they are able to get into the dbs. I've had this > happen on both rackspace and mediatemple - Rackspace made some changes > to their phpmyadmin and while they continue to say that it had nothing > to do with them, I don't buy it fully. Same issue with MT. > > You need to make sure the database is clear of the bad hack script > code. The days of injecting code into the footer of a theme seem to be > over - the new way is to hack the db and add code that only goes after > those coming from Google - this way the site owner will typically > never see the hack. > > On Tue, Aug 17, 2010 at 1:33 PM, Elias Bizannes > <[email protected]> wrote: > > Our self-hoested wordpress blog has been hacked again. We've identified > that > > it's some sort of cookie which you notice on your first visit, but then > > hides on subsequent visits. Nothing seems obvious in the source code, > like > > the previous hacker attempt. > > Can anyone help with this? > > > > Elias Bizannes > > http://eliasbizannes.com > > > > -- > > You received this message because you are subscribed to the Google > > Groups "DataPortability.Public.General" group. > > To post to this group, send email to > > [email protected] > > To unsubscribe from this group, send email to > > [email protected] > > For more options, visit this group at > > http://groups.google.com/group/dataportability-public?hl=en > > For additional information, please visit: > > http://www.dataportability.org/ > > -- > You received this message because you are subscribed to the Google > Groups "DataPortability.Public.General" group. > To post to this group, send email to > [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/dataportability-public?hl=en > For additional information, please visit: > http://www.dataportability.org/ > -- You received this message because you are subscribed to the Google Groups "DataPortability.Public.General" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/dataportability-public?hl=en For additional information, please visit: http://www.dataportability.org/
