
I got ha ha hacked

I had a security breach on the blog over the Christmas period. To cut a long story short, two black hats named HcJ and cyb3r-1st compromised another site on the shared hosting server and decided to deface my blogs for a short period of time while they were at it. After talking to both of them regarding the breach, it turns out they are nice guys (a bit misguided); they told me how they breached the server so that I could pass the information on to the hosting provider for them to patch it.





At first I thought it may have been a WordPress 0day that they used to compromise my blogs, so I set about hardening my WordPress installation: changed all passwords, deleted all files/reinstated files from backup, installed security plugins, revised file permissions, etc.


Security plugins installed:
Chap Secure Login
Log User Access
WordPress Firewall
WP Security Scan


Here’s a great article by WordPress on how to harden your installation:
http://codex.wordpress.org/Hardening_WordPress


The zone-h defacement mirror:
http://www.zone-h.org/mirror/id/10039957


In this instance there is very little I can do to protect the server as it is not owned by me; the best I can do is change/pressure the hosting provider and secure my web applications.

Posted on 2 January, 2010 by ethicalhack3r

4 Responses to “I got ha ha hacked”


  1. corelanc0d3r


    2 other good plugins for WordPress:

    Times to come security: http://herselfswebtools.com/2008/06/wordpress-security-plugin-block-scrapers-hackers-and-more.html (don’t forget to edit the PHP and add the IP of the server in the whitelist)

    Semisecure login:
    http://wordpress.org/extend/plugins/semisecure-login-reimagined/
    (does more or less the same as Chap Secure Login)


    Comment posted on January 2, 2010 at 22:07:47 GMT

  2. rootEth


    Unlucky man, I see from the mirrors they got dvwa too! Ah well, an interesting story for ya and at least you had backups!


    Comment posted on January 3, 2010 at 23:02:11 GMT

  3. Andrew Waite


    Unlucky mate, sounds like you had an interesting holiday period. Glad to see you taking it on the chin and getting on with it, improving the security posture in the process. Surprised they were willing to talk though, bet that was an interesting debate.
    Happy New Year.


    Comment posted on January 4, 2010 at 10:01:44 GMT

  4. rootEth


    Advert alert?


    Comment posted on January 6, 2010 at 07:32:05 GMT
