3 attacks in a week should be enough

December 21, 2007 • Blogging by Emanuele Feronato • 9 Comments

I posted about an attack to this blog in this post, and since then I had 3 more attacks, all in the last week.

All attacks are very similar, with a php injection in the index page.

The most interesting thing is that ob_start("phpfake"); code still does not appear that much on Google, even if more than 10 days passed since I posted about it.

It’s only me? I cannot believe I am the only WP blogger that faced this attack. I also updated the blog to the last version, but attacks continue.

Oh well, meanwhile I added about 10 more addresses in the mailing list you can use to submit your Flash games…

Rate this post: 1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Be my fan on Facebook and follow me on Twitter! Exclusive content for my Facebook fans and Twitter followers

This post has 9 comments

  1. Ben

    on December 21, 2007 at 10:58 am

    I had a similar thing a long time ago. You need to change all your passwords (ftp, wordpress, mysql etc) and then scan through ALL of your theme files for things you didn’t include yourself. I also found a few changes in the wordpress core files that allowed access so uploading that again may be advisable too.

  2. daniele

    on December 21, 2007 at 12:41 pm

    Ciao Emanuele, ho avuto esattamente il tuo stesso problema.
    Iniziamo ad individuare le possibili cause. tu che software hai sul tuo host? wordpress e basta? Se si con quali addons? Che host hai?
    Io aruba. Spero che insieme riusciremo a risolvere.

  3. Shiv

    on December 21, 2007 at 2:11 pm

    it is probably because of your popularity.
    Other programmers or your contemporaries are jealous of you and try to cause maximum trouble to you.

  4. sam

    on December 22, 2007 at 9:15 am

    if you didnt make an entry saying you got attacked, no one else woulda attacked you…. you’re advertising attacks now…

  5. Kesh

    on December 22, 2007 at 9:18 am

    Do you sponsor games?

  6. Emanuele Feronato

    on December 22, 2007 at 11:26 am

    you’re right sam… I will make an entry to say someone donated me a million dollars, let’s see what happens if I start advertising donations :)

  7. Emanuele Feronato

    on December 22, 2007 at 11:27 am

    daniele: hosting on aruba, latest WP 2.3.1

  8. Daniele

    on December 22, 2007 at 1:28 pm

    Hi Emanuele, im on Aurba too (hmmm…).
    I have on my space wordpress like you.
    Do you have ONLY wordpress? After last php iniection i changed my ftp password, the permissions of my index.php (now not writable) via FTP, and uninstall wordpress. Its 3 days that im clean. Do you have any idea how do they make this hack? Thanks a lot.

  9. Custard

    on December 30, 2007 at 7:28 pm

    Apperently, it brings a troigan virus to your site.

< >