Sophie's Success Shortcuts

Shortcuts and Recommendations for Marketers, Mindset, and More

Conversation between Advertiser and Consumer… funny Internet Marketing Beginnings

Trojan On Wordpress Blog – How I Got Rid Of It

by admin - Uncategorized - May 24, 2008

 

One of my blogs got hacked a week or so ago.

When I opened it a warning came up, that a Trojan (worm… not a virus… but just as annoying) was on my site…

I made a screen shot of some of the popup… I just needed the data… to search on google or on wordpress… or whereever.

screen shot of wordpress blog trojan popup

I didn’t find anything meaningful on the internet, so I decided to move the whole blog to another server. To my dismay, the popup warning me of the trojan was still there.

I decided that the trojan must be somewhere in my posts…

I searched all my posts, one by one, in “html” mode, and I found one instance of the trojan embedded in an iframe, and 7 instances of links to some gambling site.

I was searching for the word “iframe” and for the word “Noscript”

With that search I found all occurrences and now I have a healthy blog… though spent a few hours with moving and setting up on a new location… but all is well when it ends well.

No TweetBacks yet. (Be the first to Tweet this post)

three short Trojan On Wordpress Blog How I Got Rid Of It

Tags: Uncategorized

2 responses so far ↓

  • 1 You sure? // Aug 14, 2008 at 12:08 pm

    You sure you’re clear of this? The fact that it got in once means it can get in again, so just cleaning the code it made will only help your site until whatever method they used to hack your site is fixed to prevent them from being able to do it again. Make sense?

  • 2 admin // Aug 15, 2008 at 9:16 am

    Only one version of Wordpress was vulnerable to hacking, and that’s why I am sure. If and when I find out that another version is vulnerable, I will post it on this blog.

    You need to upgrade to the current version of Wordpress… that could be set out as a rule.

    If you used Fantastico to install your blog on your cpanel-equipped hosting account, then you are in luck. Fantastico can upgrade your blog software for you in a jiffy.

    If you used ftp to install your blog, then you need to use ftp to upgrade… not that simple. I have several ftp programs, and only one, Total Commander is willing to remove a directory or folder from the server while it is not empty.

    Once you can remove the wp-admin and wp-includes folders, you can simply upload the same (upgraded) folders and the files in the root/blog directory and run wp-admin/upgrade.php file. Upgrades have been coming out fast and furious… and I have 10+ blogs… quite an undertaking. grrrr.

    Good luck, and make sure you write back if you run into a snag.

    Sophie
    http://www.sophieslist.com

You must log in to post a comment.