roxyghost

I’m hosted on Heart Internet and got hacked just over a week ago (2.7). They used the forgot password functionality somehow to change the password and then used the theme editor to upload their files. Think it was just a defacement but since I was away last week I have yet to go through everything and restore it to normality.

The odd thing was, I checked my stats and they found my blog by searching MSN search for the IP of the heart server and the word “wordpress”.

Would appreciate some thoughts on this!

I too would like answers about this, I’ve got a developer looking through the logs but this really does look like something which needs some work.

What add ons did you have installed? From what we can see the hackers got in via the forgot password – don’t know exactly how – and then used the theme manager to upload the new files.

Would like some answers!