[Hidden-tech] WP Web site it by Trojan Horse... can anyone help?

[Christopher Parker]

It's possible your own computer is infected and using your FTP program 
to infect the sites you maintain -- especially if you store passwords in 
your FTP program (don't).


On 9/8/2011 9:54 PM, Town Websites wrote:
>     ** Be sure to fill out the survey/skills inventory in the member's area.
>     ** If you did, we all thank you.
>
>
>
>
> Ditto that.  First step is to get control back over the control panel 
> with help from Dreamhost tech support.  If you were secure up till 
> today ask them to restore from the last backup before today, change 
> your password immediately, and try to resolve what got hacked as it 
> will be hacked again if you don't fix it (unless they just cracked 
> your password).
>
> Charlie
>
> *From:*hidden-discuss-bounces at lists.hidden-tech.net 
> [mailto:hidden-discuss-bounces at lists.hidden-tech.net] *On Behalf Of 
> *B. Kimo Lee
> *Sent:* Thursday, September 08, 2011 8:37 AM
> *To:* David F. Farkas
> *Cc:* hidden-discuss
> *Subject:* Re: [Hidden-tech] WP Web site it by Trojan Horse... can 
> anyone help?
>
> Hi David,
>
> Sorry to hear your sites got cracked. I don't think there's any way of 
> getting around working via SSH and following Dreamhost's instructions 
> since an important part of it probably involves running grep searches 
> to look for infected files. I'd doubt the Back Office allows you to to 
> that.
>
> Maybe you can get the Dreamhost folks to check the server logs and 
> restore files from backup to a clean version of the site?
>
> Obviously you'll need to patch whatever security holes allowed the 
> intrusion by updating any server side software apps on which your 
> sites run.
>
> Good luck,
>
> Kimo
>
> PS: Nice running into you at Fresh Side the other day!
>
> AZURELINK  ::  "Simply Connected!"
>
> -------------------------------------------------------------------------------
>
> Web Site Design & Scalable, Managed Web Hosting
>
> Joomla! Content Management System Implementation
>
> eCommerce Development
>
> -------------------------------------------------------------------------------
>
> 321 Main Street, Suite 4
>
> Amherst, MA 01002
>
> (413) 549-2020
>
> For more information, please visit: www.azurelink.com 
> <http://www.azurelink.com>
>
> Follow Azurelink on Twitter: http://twitter.com/azurelink
>
> -------------------------------------------------------------------------------
>
>
>
>
>
>
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20110909/fa96660b/attachment-0001.html