As of last week, hackers have found a way to retrieve passwords from WordPress blogs and have been redirecting them to sites with malware.
Here’s how it works, according to ZDNet.com:
- WordPress stores the database credentials in plain-text at the wp-config.php file.
- This configuration file should only be read by Apache, but some users (well, lots of users) left it in a way that anyone could read it (755 instead of 750 in Linux slang).
- A malicious user at Network Solutions creates a script to find those configuration files that were incorrectly configured.
- This same malicious user finds hundreds of configuration files with the incorrect permissions and retrieves the database credentials.
- Yes, he again (the bad guy) launches an attack and modify the database for all these blogs. Now the siteurl for all of them just became [malicious website]. Easy hack.
One of the ways you can protect your account from a hack is by changing the passwords of your admin accounts ASAP.
Full article: WordPress blogs hacked
Related posts:
Comments on this entry are closed.