Geeks3D Hacked!


Geeks3D hacked



It’s a tough job to run a website with a certain amount of traffic: it’s a permanent work and day and night (night for the paranoiac!) you must be sure the site is ok. And every morning, same fear and question: is the website still okay?

I took a 2-day break last Thurday and Friday, and Saturday morning I discovered that Geeks3D has been hacked (see some feedbacks here)… no rest for us poor webmasters!

All conditions for a hacking were satisfied: webmaster away and known security issues present!

I think the hacker (certainly a script-kiddie) has exploited one of the security holes of WordPress engine prior to version 3.0.4.

I found and removed the malicious code (available only on the front page), changed all passwords and of course applied the last WP 3.0.4 patch. Hope that will be enough…

I was a bit tired when WP update has been released and as you can see, there’s no mercy for the lazy webmaster…

And thank you guys for all your feedbacks (comments and emails)!


15 thoughts on “Geeks3D Hacked!”

  1. Leith Bade

    Thats why I would personlly avoid popular ‘pre-packaged’ website systems such as WordPress. They are too easy to target in mass, as you can just Google for old version numbers!

    So you probably want to disable WordPress from putting this in your HTML header:

    As that makes it easy to find hackable versions.

  2. Leith Bade

    Oops the html was removed!
    [greater-than]meta name=”generator” content=”WordPress 3.0.4″ /[less-than]

  3. JeGX Post Author

    Yep the WP version is in the header, but from what I know, many scanners do not rely on the version number to detect the real version of WP. I’ll try to remove it shortly…

  4. tayga

    lol i though so. eset anti-virus was picking up bad .js scrips πŸ˜›

  5. msweed4life

    my anti virus blocked the page NOD32 64bit
    hackers mothafucka.

  6. Arun

    @Jegx

    you sure that the issue is fixed .. my IE7 is still behaving very odd when i visit this site .. (IE7 getting hanged ) … i think i will not be able to view anymore from my office :(…

    @Leith

    Thanks for letting me know .. I have done a complete scan and i didn’t find any trojan or virus..

  7. Merk

    Hmm this website is for us 3d geek lovers and was hacked by some hacker geek.

    Would have thought geeks would respect eah other more…so the hacker was a Geeeeeeeck !

  8. spiked_mistborn

    Avast popped up a warning and blocked the JS code for me. I have avoided visiting the site from work since then.

  9. ipristy

    Yes i was getting AVG protection over Opera, that was funny i don’t have AVG on, but it worked i guess.

  10. LexLuthermiester

    @N,

    NoScript for Firefox is indeed useful! Score!

    @Merk,

    Respect from crackers[yes, a hacker who hacks for illicit propose is a cracker; ie criminal hacker]? Seriously?

    @Geeks3D Webmaster,

    No sleep for the weary, but kudos for catching it so fast. Most websites only do something after serious damage is done. If you want to avoid certain issues like this in the future, consider not using JS at all. Go with an all HTML5 page instead. More secure[for now] and just as useful…

    Just sayin…

  11. Tornado

    Merk was making an ironic joke…guess you misunderstood LexLuthermiester

    Irony is usually lost on lots of europeans and americans.

    Irony defined:The expression of one’s meaning by using language that normally signifies the opposite, typically for humorous or emphatic effect.

Comments are closed.