Hacked too


A few days ago, my fellow blogger Kirsch posted about his blog being hacked. Well, I was a victim of the same attack. Both of our blogs run on DreamHost and use WordPress.

I found a detailed description of the attack here; however, this description refers to a 2-year-old attack. I highly doubt WordPress would go this long without a patch to fix the vulnerability.

Everything has been restored to normal thanks to my backups and tools provided by DreamHost.

2 responses to “Hacked too”

  1. I think the security hole used was an old timthumb version included in my old zenphoto. All PHP files under the same user account were hit, so the security hole could have been on any of the websites under that user account.

    I restored from backup, then proceeded to update timthumb on my zenphoto account.

    Then I deleted all unused plugins and themes, in case the security hole was in one of them. So far so good, but I’m not sure that I actually closed the security hole.

  2. I had zenphoto installed as well, and it was also a really old version (can’t remember last time I updated it). Last night I downloaded and installed the latest version. I’m hoping the bug has been resolved on their side.