Hacked By BALA SNIPER

How come the @bigcabal team didn’t notice this? Post has been there since the 2nd of February

1 Like

We’re looking into this, thanks for letting us know.

1 Like

This looks more like a “content injection vulnerability”. Though an update was only released last week. Hope this helps. Correlating that with the version you have installed (readme.html)

Content Injection Vulnerability in WordPress 4.7 and 4.7.1
x.com

Yeah, you should get your properties behind CloudFlare. They usually block SQL injection attacks from proxying through successfully - assuming that’s what happened here.

Sad part of these CMSs

That’s by the way. I don’t think they took adequate steps to secure their WordPress-based platform, e.g. change “wp-admin” for backend login.

I swear when I have time I will still do that campaign against WordPress. It is the most dangerous web application out there. You can’t install WordPress on your server and go to sleep like that.

3 Likes

Your favorite alternative is as dangerous (if not more so).
It’s not just popular enough for people to care as much.

I don’t have any alternative, maybe I’ll try Ghost. WP is so easy to hack. All you need is an admin password (or brute-force one), then you can write a PHP script to do ANYTHING. Just edit a theme file and add your own code. I’m not much of a CMS person, hardly work on such, however, most of the content sites I’ve had to work with were built on WP.

I also forgot to mention the myriads of insecure plugins and themes, as well as its humongous appetite for system resources.

Just as I typed this, this again:

Funny enough when I saw this thread I thought of you. Remember when you told me to check my SSL when you noticed something was off?

In this case, I don’t really know. Maybe it’s best to share to the whole world that any site is vulnerable or tell the site owners directly (especially when you could easily do so). Maybe it’s harder to help when ridicule is available.

So @logbon72 if I didn’t say thanks enough before - I say a big :pray: now.

2 Likes

WordPress is not easy to hack.

Everyone who builds software will tell you that there are always security loopholes as you cannot cover everything.

WordPress is targeted because of the number of people that use it.

Keep your site updated, use only well-coded plugins and you’ll be fine.

But it’s all up to you.

1 Like

@logbon72 is a good man.

1 Like

A good and wise man.

Every application is exploitable. It’s always just a matter of time and lots of patience.
“Be it WordPress or Ghost”.

It’s all about reporting vulnerabilities to the “constituted authorities” when found for patches to be applied in a timely fashion and probably internal security reviews audit by the owners/vendors.

Case in point: An example was the Ghost vulnerabilities found in 2015 by voidsec.
https://voidsec.com/wp-content/uploads/2015/03/VoidSec-Ghost.pdf