Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • February 9, 2017 at 10:12 am #744723
    mrpacogp

    Hi guys.
    I have an entry in my site infect with title “Hacked By Imam ” or change some time “Hacked By Bala Sniper” etc…
    I have found this in reddit:

    Several Websites got ‘hacked by Imam’ from pwned


    But i only have WordFende and two more plugins, i can´t find more information about this vulnerability.
    If you try to restore your content to previous revision stills been powned!
    Well, i have copy the text inside the revision and after this deleted this entry.
    No more “Hacked” at this time.
    Searching for more information about this hack.
    Anyone got something?
    Kind regards.
    edit:
    I have found it
    https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html

    • This topic was modified 7 years, 9 months ago by mrpacogp.
    February 10, 2017 at 7:50 am #745233
    Rikard

    Hey mrpacogp,

    Thanks for sharing that, so did going through that fix your problem?

    Best regards,
    Rikard

    February 10, 2017 at 9:50 am #745292
    mrpacogp

    Hi! Yes.
    If you look at google “Hacked by Bala Sniper” or “by Imam” there is a thousand of sites affected.
    Therefore we only need to update to wordpress 4.7.2
    About word fence, they say if we have firewall ninja configured we are save, but that its not true, because I have my last post entry infected and using ninjafirewall also.
    Kind regards.

    February 12, 2017 at 7:34 am #745867
    Rikard

    Hi,

    Ok, thanks for sharing, much appreciated. Please let us know if you should need any further help on the topic.

    Best regards,
    Rikard

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.