[okfn-help] Fwd: open data commons and trojan downloader

James Casbon casbon at gmail.com
Mon Nov 23 15:34:21 GMT 2009


2009/11/23 Rufus Pollock <rufus.pollock at okfn.org>:
> 2009/11/23 James Casbon <casbon at gmail.com>:
>> Looks pretty p0wned to me. I get a load of adobe illustrator ads.
>>
>> This is a wordpress install, right? We need a decent backup and a
>> software upgrade.
>
> We keep upgrading the damn thing precisely because of it getting hacked!
>
> It is currently running WP 2.8.5 having been upgraded less than a
> month ago (because of similar issues).
>
> Today I've just gone and done a completely fresh install (though
> obviously not of the db ...)
>
> This looks like it has killed the hack (for the present though I hope
> there are no backdoors in the db).
>
>> Is anyone directly responsible for this install?
>
> I guess I am though this lives on Jordan's DH account atm (we should
> probably move off there at some point). We should probably set up a
> google alert for the main WP installs looking for a sign of being
> hacked (e.g. search for typical spam phrases). I think we already have
> a ticket for this.
>

How do the hacks work - is there something as simple as ip based
restrictions to the admin, or double authentication to the admin that
can help?



More information about the okfn-help mailing list