Has your WordPress Blog been Hacked? Email me now!

Big News [April 24th, 2012]: I’ve launched Wordfence to permanently fix your WordPress site’s security issues. Click here to learn more.

If your WordPress blog has been hacked, please email me. I’m collecting data on intrusion methods and backdoors. If you’ve been hacked, I’ll examine your server free of charge, share what I find with you and will make recommendations on how to repair your site, all at no cost. Please note that I will need “Shell” access to your machine. In other words I’ll need a username and password and will log in via SSH to examine the server that hosts your WordPress blog.

If you’re in dev or ops and have an attack vector you’d like to share, please zip it up and email it to me with as much technical detail as you can.

Email me at mmaunder at gmail.


10 thoughts on “Has your WordPress Blog been Hacked? Email me now!

  1. Hi,

    I think my website has been hacked, I loggin this am and found error lines on my dashboard as well as on the footer.

    Also, two of my clients have been notified by users trying to get in with weird email address 106.com that are completly incoherrant.

    I don’t know what to do…

  2. My server space (different from my web address above) got hacked recently adding a trojan to the index page of every site (and goodness knows what else!). One site reported the following:
    Infection Details
    Process: file://C:\Program Files\Internet Explorer\iexplore.exe
    Infection: js:Downloader-AZF [Trj]
    Is this any connection to WordPress or have they hacked me another way?

  3. HACKED again, 3rd time in six months! the same dic-wads that perpetrated the other two:
    Dr.wassar Was here !!
    E-mail : Drw@hacker.ps
    GretZ To :Hell-TeaM

    My server is GreenGeeks. QUESTION: does this hack hit the entire server? and could this hack effect all servers that include WORDPRESS as a bundle?


  4. Hi Mark,

    Good effort.
    Will you post the report after you’ve done investigating?
    I would also like to know how the hacker break into the hosting.

    The only 2 I know are from timthumb below version 2 and exploit from easy comment upload plugin.

    • I’ve been hacked pretty bad. I was first alerted by bluehost about that timthumb file and i didn’t update it right away and then not long after it, BAM! I was hacked. Started getting crazy pop ups. I deleted one of my sites completely that was affected but it’s effects are still being experienced even though the timthumb vulnerability scanner says my file is up to date on one of my blogs.

      Here’s a quick sneak peak via a video screenshot. I’m a novice to web stuff so i don’t know what shell access is but please contact me asap via email: http://screencast.com/t/DeEeIujPx2U

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notify me of followup comments via e-mail. You can also subscribe without commenting.