Hacked by TechnicaL

I did the same in another domain https://thegoodmanfund.com/ same problem. What can I do to get rid of this problem.

Hi osize, i just had the same thing happen to 2 of my sites. They havent even launched yet and are not on any search engines.

One thing i did notice is that you are with IXWebhosting as well…so (just speculating here) it’s probably a site wide attack on them.

I am going to contact them now and see what they say, i suggest yo do the same.

anyone have any ideas on how to get my sites running again? there is nothing in the root folder yet it still displays the hackers splash page.

I am pretty sure (according to my logs) they used the DFind command line scanner to find a way in to my main server, but im still not exactly sure how they got in. I dont think it was via wordpress but im not certain about that.

There is a lot of talk about ixwebhosting being very hackable.

Hi ya, i havge jsut had the same hack on some of my domains with ixwebhosting.

Just created a ticket with them to look into this was wondering what your solution to this was and if any files are infected with the attack. I have been through the database on one the sites to try and solve the problem but he install of wordpress2.7 is still messed up.

Did any of you find a solution as i see some of your sites are back up and running.

Many thanks,
Dave

My problem was caused by filezilla. I used another ftp tool and everything was perfect.

My problem was caused by filezilla

that’s just dumb
how would filezilla cause a hack?

One of my sites has beed hacked by this guy so called “TechnicaL”. I think I have the solution.

First of all I have to grant this hacker some credit. It took me a whole minute to discover the origin of the problem.

I hope the following procedure helps people with this problem:

• EricaMarques.com has a good reputation, So in order to avoid badware distribution or other threats I downloaded the entire site for analysis and then deleted it from the server.
• I uploaded an in construction image
• I searched all pages for the “hacked by Tecnical” string
  Nothing found, the pages wasnt modified at all.
• So I went for the database.
  Downloaded and installed mysql gui tools
• Opened MySql Administrator
• Made a conection to the database (this information is in the wp-config.php)
• Clicked on Catalogs
  There you see several tables
  Edited an table called wp-options (right click edit table data)
• The very first option siteurl should point to you site, in my case was pointing to the hackers site.
• Just delete this and put your url in
• Second modification was for the blogs name.
• I changed as well.
• Then I Googled “hacked by Tecnical” and found this post, so here I am writing.
• Next step will be change all related passwords, most important my database passwords and unique phrases in wp-config.php.
• Finally I will upload the site again and test.

Please comment if you have any similar experience.

Cheers,
Pablo

I’m back only to say it was easly solved.
Check it out no hacks! Erica Marques
I only had to modify 2 records on the options table in the wp database.
Title Hacked by Technical was restored to Erica Marques
url was restored to https://www.ericamarques.com
For peace of mind I also moved the database to other server.
Problem resolved.
Anyone knows how this guy got there?
I’ll give some facts, maybe other bloggers share some contitions.
I host ericamarques.com on IX web hosting.
Use wordpress as blog engine
My MySql database is on IX webhosting too.
My guess is that I opened the door myself.
Since this was ment to be a test blog, I didn’t personalize my unique phrases.
Hacker probably used these default phrases to get access to the database.