WordPress Plugin Hacked by Spammers
I was knocked out of blogging for a few days because low-life hacking spammers. Somehow one of these dirt-bags hacked this WordPress blog (the one you’re reading right now).
I was on WP 2.2 and my blog was hacked. It’s very subtle because they don’t want you to notice. They sneak in like a thief in the night and they slipped in a plugin that deactivates all my plugins. The goal being to deactivate Askimet and my other anti-spam plugins so they can post garbage spam in my comment fields.
Luckily I moderate all comments even though I use anti-spam plugins so they never were posted but I noticed I was getting a lot of spam comments that were getting through, when before then Askimet always caught them and sent them to spam hell without me even looking at them.
These are obvious spam comments, you know the ones with a 100 links to porn or rx sites.
I saw the spike of these spam comments in my moderation queue but I still didn’t put 2 and 2 together. My site was still up (it’s not like they plaster an “owned” sign on my blog). Like I said they don’t want you to know so they can spam comment your blog.
I finally caught on when I went to use my SLM plugin to add an affiliate link and it was gone. I was very confused about that- so, I went to my site and paid a close look and noticed some of the sidebar stuff (which is powered by plugins) were gone.
I went to check and sure enough all my plugins were deactivated. I re-activated them. I changed my password and sent a support ticket to my host.
Support suggested upgrading to 2.5 which he says prevents these type of hacks. During that time the hacker plugin did it’s thing again. So I had to re-activeate them again.
My host support finally found the hacker plugin. It’s not just listed on your plugin menu they hide it. So he deleted and now I’m back to normal.
Side effect is while that plugin was running I couldn’t post. Instead of publishing my post it would just save it as a draft. I also had my about page and contact page deleted but all my posts were intact and now things are back to normal.
I don’t know if v 2.5 would have prevented this but you might as well as upgrade to the latest version since they address these type of vulnerabilities. My web hosting support rep suggested upgrading to the latest version is always the best bet. I just like to wait a month or two to let any bugs be worked out and give theme and plugin designers a chance to make their stuff compatible. But I’ve now upgraded and I had no problems.
Take away from this experience is to always keep an eye on your blog and always moderate your comments even if you have anti-spam plugins activated.
If you enjoyed this post, you'll love my hype free newsletter. It's free! Sign up now to receive tips, news, and REAL product reviews about Internet marketing:
