[wp-trac] [WordPress Trac] #44624: Lot of wordpress sites hacked at same time
WordPress Trac
noreply at wordpress.org
Sun Jul 22 08:07:31 UTC 2018
#44624: Lot of wordpress sites hacked at same time
--------------------------+-----------------------------
Reporter: spala | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.9.7
Severity: critical | Keywords: needs-patch
Focuses: |
--------------------------+-----------------------------
on a server, they were able to hack several servers, including the cpanel
password,
they change (probably with some automation), any worpress admin login, to
"AnonymousFox"
and made some changes on a few files, along with installing phpmailers for
phising attacks, and php shells.
all the wordpress were up to date, we don't share plugins and some of them
were almost naked instalation,
there might be some 0day bug on wordpress, would be nice if someone could
investigate or turn some light on this problem, i dont feel confident into
restoring any backup, neither to make a fresh install until the actual bug
is identified and patched,
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44624>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list