Bailey
Posted August 17, 2018

I seem to have missed what it is but have seen it pop up around on the forums.
wolstech
Posted August 17, 2018

Someone mass-hacked just about every WordPress installation on Tommy, then dropped a bunch of malware. Some of the accounts also had a spambot or phishing set up on them. The name of the hack comes from the username of the admin account the hacker created in the WordPress database on compromised accounts. We ended up just mass-banning almost every WP user on Tommy (without backups due to malware and phishing), then giving them new accounts.

The interesting part is that whatever hack they used works on fully up to date, extension-free WordPress installs, meaning there's a severe security hole in WP's core. People around the world were reporting this hack on different hosts too around the same time. WP themselves... they spent their time deleting people's complaints, closing hack reports as no issue found, and denying the hack exists despite the obvious evidence to the contrary.

Just another reason to never use WordPress...
deanhills
Posted September 10, 2018 (edited)

Wow! Has this issue been resolved yet? I'm a great user of WordPress - also a fan. I've been using WordPress for years without having a problem with it or it being hacked. I've used it on a number of servers spread far and wide. I've used it on VPSs and shared hosting accounts. I've installed it from the command line, from Softaculous and from other Softaculous alternative tools. Would be very interesting to know how the hacker managed to infiltrate the installation process.

Edited September 10, 2018 by deanhills
wolstech
Posted September 10, 2018

Nope, and likely never will be considering they actively denied the issue exists.

WordPress is our (and many other hosts') leading cause of hacked accounts, high load, phishing, and spam. It's not the install process, they hack the actual installed product. The extensions are even worse when it comes to security. The product is just so poorly written that there's no good way to actually fix the security issues with it without just throwing it out and starting over.

WP has been around forever and has AFAIK never seen a full rewrite. As a result, it's a pile of really ugly legacy procedural code that just keeps getting tweaked, extended, and patched over and over again. Most other CMSes of this age have been fully rewritten at least once, if not twice or more. Drupal had a massive overhaul between v7, 8, and 9. Joomla did the same between v2 and v3.

Seriously, there's zero good reason to be using WordPress at this point. It's almost certainly the worst product available in the CMS market from a security standpoint, but sadly also the most popular. That means it only faces an even worse time than most, because hackers like popular software as targets, and it's also an easy target.