Comments on: Stuntdubl Marketing Consulting hacked – SEOs a target

By: Dave Davis

Dave Davis — Wed, 17 Jan 2007 17:47:24 +0000

I stayed out of this one but I have to say it was quite funny seeing so many people freaking out and thinking you were responsible.

By: SEO Community Hacked: What Positives Can Come From It? - TheVanBlog

SEO Community Hacked: What Positives Can Come From It? - TheVanBlog — Wed, 17 Jan 2007 07:06:57 +0000

[...] The attack was based on a script released recently that attacks WordPress blogs through a flaw in the PHP core. I’m not sure I’d do the best job explaining the flaw so I’ll direct you to the words of Jason Roe who does a good job explaining the attack on this Threadwatch post. The discussion is alive on the thread so you may want to read it from the top. [...]

By: Blogs de SEO y SEM bajo Ataque » Internet Marketing MX

Blogs de SEO y SEM bajo Ataque » Internet Marketing MX — Tue, 16 Jan 2007 17:43:14 +0000

[...] Recientemente algunos blogs de SEO y SEM fueron hackeados (Wolf Howl, BoogyBonBon y Stuntdubl). El hacker aprovechÃ³ un hoyo de seguridad de WordPress para este propÃ³sito. [...]

By: Hacker Threatens Digg.com, Targeting SEO-Related Sites | Search Engine Optimisation Ireland .:. Red Cardinal

Tue, 16 Jan 2007 12:50:01 +0000

[...] [EDIT] I see that the hacker may have been using an exploit similar to one found by Jason Roe recently. Well done Jason on your find. [...]

By: The day after tomorrow for SEO wordpress blogs! - Jason Roe Technology. Jason Roe - Web design, Development, SEO Advice

Tue, 16 Jan 2007 10:07:35 +0000

[...] Well it looks like everyone is just about online again after the phantom SEO hacker blitz. I have been hearing some insane conspiracy theories banging about. They all seem to revolve around the theory that, I was one of the first sites to report and link to the hackerâ€™s site, so I must have done this all as a PR stunt! WRONG! [...]

By: Wordpress Security Holes (Again)

Wordpress Security Holes (Again) — Tue, 16 Jan 2007 08:20:03 +0000

[...] Have a look at Jason’s blog for some of the background info. [...]

By: Richard Hearne

Richard Hearne — Tue, 16 Jan 2007 07:12:14 +0000

Lots of attention with this one:
http://www.threadwatch.org/node/11333
Seems many sites got hit.

By: Richard Hearne

Richard Hearne — Tue, 16 Jan 2007 07:03:46 +0000

Greywolf has also been hacked.

Well done on the find Jason.

By: DianeV

DianeV — Tue, 16 Jan 2007 00:38:51 +0000

Yep. Hard to tell from the WordPress support link above what version she was upgrading *from*, so if the few-files approach doesn’t work (and I sincerely hope it does), do a full upgrade.

By: Jason Roe

Jason Roe — Tue, 16 Jan 2007 00:32:06 +0000

Here is the list of files that have changed since 2.0.6:

* wp-admin/inline-uploading.php
* wp-admin/post.php
* wp-includes/classes.php
* wp-includes/functions.php
* wp-settings.php
* wp-includes/version.php

But if your not on 2.0.6 it may be better to do a full update.,

By: DianeV

DianeV — Tue, 16 Jan 2007 00:31:08 +0000

Oops. That’s a “maybe”:
http://wordpress.org/support/topic/100762?replies=3#post-498952

By: DianeV

DianeV — Tue, 16 Jan 2007 00:28:34 +0000

According to WordPress.org, the entire set of files do not need to be replaced.

http://wordpress.org/development/2007/01/wordpress-207/

By: Jason Roe

Jason Roe — Mon, 15 Jan 2007 23:38:51 +0000

No probs .. Im in the same boat!

By: Brian Turner

Brian Turner — Mon, 15 Jan 2007 23:35:24 +0000

Thanks for the heads up on WP release.

Geez, there goes my early night clocking off…got a load of sites to update because of this.