3 attacks in a week should be enough

December 21, 2007 by Emanuele Feronato
Filed Under This blog in the net •  

I posted about an attack to this blog in this post, and since then I had 3 more attacks, all in the last week.

All attacks are very similar, with a php injection in the index page.

The most interesting thing is that ob_start("phpfake"); code still does not appear that much on Google, even if more than 10 days passed since I posted about it.

It’s only me? I cannot believe I am the only WP blogger that faced this attack. I also updated the blog to the last version, but attacks continue.

Oh well, meanwhile I added about 10 more addresses in the mailing list you can use to submit your Flash games…

Improve the blog rating this post
Tell me what do you think about this post. I'll write better and better entries.
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

9 Responses to “3 attacks in a week should be enough”

  1. Ben on December 21st, 2007 10:58 am

    I had a similar thing a long time ago. You need to change all your passwords (ftp, wordpress, mysql etc) and then scan through ALL of your theme files for things you didn’t include yourself. I also found a few changes in the wordpress core files that allowed access so uploading that again may be advisable too.

  2. daniele on December 21st, 2007 12:41 pm

    Ciao Emanuele, ho avuto esattamente il tuo stesso problema.
    Iniziamo ad individuare le possibili cause. tu che software hai sul tuo host? wordpress e basta? Se si con quali addons? Che host hai?
    Io aruba. Spero che insieme riusciremo a risolvere.

  3. Shiv on December 21st, 2007 2:11 pm

    it is probably because of your popularity.
    Other programmers or your contemporaries are jealous of you and try to cause maximum trouble to you.

  4. sam on December 22nd, 2007 9:15 am

    if you didnt make an entry saying you got attacked, no one else woulda attacked you…. you’re advertising attacks now…

  5. Kesh on December 22nd, 2007 9:18 am

    Do you sponsor games?

  6. Emanuele Feronato on December 22nd, 2007 11:26 am

    you’re right sam… I will make an entry to say someone donated me a million dollars, let’s see what happens if I start advertising donations :)

  7. Emanuele Feronato on December 22nd, 2007 11:27 am

    daniele: hosting on aruba, latest WP 2.3.1

  8. Daniele on December 22nd, 2007 1:28 pm

    Hi Emanuele, im on Aurba too (hmmm…).
    I have on my space wordpress like you.
    Do you have ONLY wordpress? After last php iniection i changed my ftp password, the permissions of my index.php (now not writable) via FTP, and uninstall wordpress. Its 3 days that im clean. Do you have any idea how do they make this hack? Thanks a lot.

  9. Custard on December 30th, 2007 7:28 pm

    Apperently, it brings a troigan virus to your site.

Leave a Reply