Blog Hacked Again. WordPress Software is the Shit!?
Funny.. not. Unusual things have happened after upgrading wordpress to its latest version. The previous article on wordpress iframe hacking did enlighten me about the hackers and those unexplored wordpress security loopholes invented by this creative minds.. I can tell you that I did my best to avoid them.
Today, there was another instance of the blog being hacked.. let’s say injected with codes. However, it was kind of amusing to see that those hackers had left an message on this blog footer that gave me goosebumps for a moment.
So, as you’d notice.. the message read as:
It’s fun to be back, better tell the wordpress crew to patch their shit this is just the beginning, we will continue our world domination my advice to you is to change blog software regards, fatalz.
For some reason ‘It’s fun to be back’ was odd and comical. The reason being that few days ago the hosting server that is hosting this blog blocked few IP address from invading the server. And, as they were back.. they have really outdone and succeeded in finding some loophole.
In a matter of hours after finding the code, it was quickly removed from the infected files. To be serious, it is easier to remove the injected codes than finding the loophole.
Although this might sound weird, but I strongly sense that these hackers do it as an avocation. Maybe, hacking is truly their passion.
I love wordpress. Hopefully wordpress crew would notice this and provide some fix, a quick fix because blog domination is for WordPress, and not hackers 
Written by Sidharth on March 26th, 2010
Self-proclaimed geek, editor of blogote, who loves all things tech.
Just by making a post on h****** won’t help WP team in finding the problem. I suggest you post to their wp-hackers mailing list with complete details of your hosting, blog files hacked and how it got hacked so that it reaches the WordPress team.
Have to agree.. But had to write this for a reason. Also, as I was in an hurry (I found out about this just 10 min before proceeding to the college) I left the malicious code removal job to the knownhost team who handled it pretty well.
I am not an security expert.. so I have nil idea on how this actually works. I did my best to write whatever I know and I’ve did this in the past…
http://blogote.com/2009/wordpress/wordpress-httpgoooogleadsencebiz-virus-code-in-theme-files.html
http://blogote.com/2010/wordpress/word-press-iframe-h******-dealing-with-malicious-code-injected-on-wordpress-blogs.html
The blog files that were hacked includes the cached pages and also an plugin named wordpress contact form. And, regarding ‘how it got hacked’.. I still have no idea.