Stuntdubl Marketing Consulting hacked – SEOs a target

Looks like a well-known marketing consultant's site has been hacked. Be warned! The hacker redirected all of Stuntdubl's feeds to his own WordPress blog (has offensive language). Full list of sites hacked!

To quote the hacker's WordPress blog:

Anyways, I just started the first hacking crusade… The easy targets (WordPress blogs with register_globals=on) using a custom PHP script based on this code

Quick fix is to disable trackback & rename the wp-trackback.php file until the patch has been issued by WordPress (more info on how to upgrade). This is kinda similar to my other post about WordPress security.
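For anyone with several installs to check, here is a small audit helper, added as an example and not code from this post or from WordPress. It assumes 2.0.7 (the release linked in the comments) is the fixed version and that the version is recorded as `$wp_version` in wp-includes/version.php; the function names and the sample tree are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

FIXED = (2, 0, 7)  # assumption: the release linked in the comments carries the fix

def wp_version(root):
    """Read $wp_version from wp-includes/version.php; None if unreadable."""
    try:
        text = (Path(root) / "wp-includes" / "version.php").read_text(errors="replace")
    except OSError:
        return None
    m = re.search(r"\$wp_version\s*=\s*['\"](\d+(?:\.\d+)*)", text)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))  # pad "2.1" to (2, 1, 0)

def register_globals_on(ini_text):
    """True if the last uncommented register_globals directive enables it."""
    state = False
    for line in ini_text.splitlines():
        m = re.match(r"\s*register_globals\s*=\s*\"?(\w+)", line, re.I)
        if m:  # lines starting with ';' are php.ini comments and never match
            state = m.group(1).lower() in ("on", "1", "true", "yes")
    return state

def audit(root, ini_text=""):
    """Return findings for one install; an empty list means nothing was flagged."""
    findings = []
    version = wp_version(root)
    label = ".".join(map(str, version)) if version else "unknown"
    if version is None or version < FIXED:
        findings.append("version %s is not known to be patched" % label)
        # The quick fix (renaming wp-trackback.php) only matters until the upgrade.
        if (Path(root) / "wp-trackback.php").is_file():
            findings.append("wp-trackback.php still present on an unpatched install")
    if register_globals_on(ini_text):
        findings.append("register_globals is on")
    return findings

def demo():
    """Constructed sample: a 2.0.6 tree, trackback file in place, register_globals=On."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "wp-includes").mkdir()
        (root / "wp-includes" / "version.php").write_text("<?php\n$wp_version = '2.0.6';\n")
        (root / "wp-trackback.php").write_text("<?php // constructed placeholder\n")
        return audit(root, "; constructed php.ini\nregister_globals = On\n")
```

Call `audit()` with each site's document root and the text of the php.ini that site actually loads.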

14 Responses to “Stuntdubl Marketing Consulting hacked – SEOs a target”

  1. Brian Turner 15. Jan, 2007 at 11:35 pm #

    Thanks for the heads up on WP release.

    Geez, there goes my early night clocking off…got a load of sites to update because of this.

  2. Jason Roe 15. Jan, 2007 at 11:38 pm #

    No probs .. I'm in the same boat!

  3. DianeV 16. Jan, 2007 at 12:28 am #

    According to WordPress.org, the entire set of files does not need to be replaced.

    http://wordpress.org/development/2007/01/wordpress-207/

  4. DianeV 16. Jan, 2007 at 12:31 am #

    Oops. That’s a “maybe”:
    http://wordpress.org/support/topic/100762?replies=3#post-498952

  5. Jason Roe 16. Jan, 2007 at 12:32 am #

    Here is the list of files that have changed since 2.0.6:

    * wp-admin/inline-uploading.php
    * wp-admin/post.php
    * wp-includes/classes.php
    * wp-includes/functions.php
    * wp-settings.php
    * wp-includes/version.php

    But if you're not on 2.0.6 it may be better to do a full update.

  6. DianeV 16. Jan, 2007 at 12:38 am #

    Yep. Hard to tell from the WordPress support link above what version she was upgrading *from*, so if the few-files approach doesn’t work (and I sincerely hope it does), do a full upgrade.

  7. Richard Hearne 16. Jan, 2007 at 7:03 am #

    Greywolf has also been hacked.

    Well done on the find Jason.

  8. Richard Hearne 16. Jan, 2007 at 7:12 am #

    Lots of attention with this one:
    http://www.threadwatch.org/node/11333
    Seems many sites got hit.

  9. Dave Davis 17. Jan, 2007 at 5:47 pm #

    I stayed out of this one but I have to say it was quite funny seeing so many people freaking out and thinking you were responsible.

Trackbacks/Pingbacks

  1. Wordpress Security Holes (Again) - 16. Jan, 2007

    [...] Have a look at Jason’s blog for some of the background info. [...]

  2. The day after tomorrow for SEO wordpress blogs! - Jason Roe Technology. Jason Roe - Web design, Development, SEO Advice - 16. Jan, 2007

    [...] Well it looks like everyone is just about online again after the phantom SEO hacker blitz. I have been hearing some insane conspiracy theories banging about. They all seem to revolve around the theory that, I was one of the first sites to report and link to the hacker’s site, so I must have done this all as a PR stunt! WRONG! [...]

  3. Hacker Threatens Digg.com, Targeting SEO-Related Sites | Search Engine Optimisation Ireland .:. Red Cardinal - 16. Jan, 2007

    [...] [EDIT] I see that the hacker may have been using an exploit similar to one found by Jason Roe recently. Well done Jason on your find. [...]

  4. SEO and SEM Blogs Under Attack » Internet Marketing MX - 16. Jan, 2007

    [...] Recently some SEO and SEM blogs were hacked (Wolf Howl, BoogyBonBon and Stuntdubl). The hacker took advantage of a WordPress security hole for this purpose. [...]

  5. SEO Community Hacked: What Positives Can Come From It? - TheVanBlog - 17. Jan, 2007

    [...] The attack was based on a script released recently that attacks WordPress blogs through a flaw in the PHP core. I’m not sure I’d do the best job explaining the flaw so I’ll direct you to the words of Jason Roe who does a good job explaining the attack on this Threadwatch post. The discussion is alive on the thread so you may want to read it from the top. [...]