Tagged: hackers Toggle Comment Threads | Keyboard Shortcuts

  • Sarah King 5:04 pm on August 13, 2010 Permalink | Reply
    Tags: backdoor, , hackers, sucuri,   

    Be afraid, be very afraid! 

    So you have a great idea for a site, you buy a domain, throw a WordPress site up on your shared hosting and upload a free template and every cool plugin known to man. Within an hour you’ve written 5 blog posts and dropped a link at dp so within 2 more hours the spiders will be all over the site and the world will know about you.

    Anyone who has been around for a bit knows that all of those plugins and themes should be checked out before they get uploaded but in reality some can get pretty gnarly and the vast majority of WordPress users can do little more than ftp.

    Pharma hack and their C&C (Command & control) server

    Understanding and cleaning the Pharma hack on WordPress

    Securi have blown the whistle on a so-called “Pharma hack” where a few lines of code nestled in a template (but could just as easily be a plugin) allow the hacker to upload further scripts and take control of your site. They appear to be taking it easy right now and just inserting new links around the place and hoping, I guess, that most will be on auto-blog so that the owners are relatively disinterested and won’t notice their changes.

    A few years ago WordPress had a situation where they’d stopped using a file that had a security flaw in it. Those of us who upgraded properly deleted the file and were fine. Those who just uploaded the new files ontop of the old still had the file on their servers and were vulnerable.

    If you’ve got lazy of late its time to rethink how you upgrade and what you install. Probably time to lock down that config.php too.

    And time for WordPress to let us have any files that are never called directly isolated and either moved below the root or locked away from public access.

    viagra levitra review? Viagra For Sale caught selling viagra
    Viagra erection duration viagra erection enhancers problems 400. Cheapest Viagra Prices generic viagra levitra regalis
    viagra pages edinburgh find generic girl, Viagra Prescription Uk order phizer viagra
    Viagra alcohaol viagra alcohol 20. Viagra No Prescription Uk alternative viagra uk biggest viagra case 775.
    forced viagra and tied up Viagra Sale viagra free gratis

     
  • Sarah King 12:43 am on January 21, 2010 Permalink | Reply
    Tags: , hackers, marc willers   

    The Generation Gap that swallows you whole! 

    An SOS went out today from a young BMX racer via Facebook that his website had been hacked. I took a look at http://marcwillers.com/ and the first thing that struck me was that it wasn’t a typical hacking… closer inspection of the Facebook messages showed that there was some sort of conflict between Marc and “RMC” – the original site developer.

    A few hours later and Marc’s site is back to normal, but with a new post of midget porn dedicated to RMC.

    Now I’ve met both these guys and RMC runs (owns?) a large bike store across town. I’m guessing amongst his mates he has a reputation as a prankster (although there will be a hipper name these days).

    Marc made it to the Olympics in his chosen sport and it’s a tough sport where you need as much of a mental edge as with any other. I race BMX too and there’s something very special about it and the people

    viagra patent levitra Buy Viagra Online viagra anxiety;

     
  • Sarah King 7:42 am on August 11, 2007 Permalink | Reply
    Tags: , , , hackers, scams   

    Protecting your forum logins from hackers 

    This is a hot topic at DigitalPoint right now as there is a bot working it’s way down the memberslist and doing bruteforce or dictionary attacks on the logins. Because the forum uses vBulletin it only gets 5 shots before there’s a lockout and it has to move onto the next member and then remember to return later. But it’s keen and has been running for a couple of days now. Reports indicate that it’s tried some other forums too.

    Why? (More …)

     
    • Dan 11:36 pm on October 6, 2007 Permalink

      If you are a vBulletin owner there is the option of disabling the membership list. Depending on how extreme you want to be in combating the problem :)

    • Eric Blackwell 1:29 am on April 23, 2008 Permalink

      Yes you can disable membership, but that is pretty drastic and seems a pretty harsh and traffic impacting way to handle it.

      Best;

      Eric

c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
%d bloggers like this: