[Noisebridge-discuss] blog.noisebridge.net got hacked

Elijah Post elijahpost at gmail.com
Thu Dec 8 20:47:45 UTC 2011


On Thu, Dec 8, 2011 at 12:46 PM, Elijah Post <elijahpost at gmail.com> wrote:

> *facepalm*
>
>
> On Thu, Dec 8, 2011 at 12:42 PM, Rubin Abdi <rubin at starset.net> wrote:
>
>> Andy noticed it time last night. The attacker most likely got in through
>> exploits with an old mediawiki instance I had forgotten about from years
>> ago, went in and added in some .htaccess redirects to some .ru domain. I
>> don't have any evidence that they touched the wordpress DB, and your
>> passwords are hashed up, but I'm email to let you know all this has
>> happened.
>>
>> If you're not security conscience and reuse the same password for
>> everything, I would highly recommend going around and changing your
>> passwords right now. If you're smart and used a unique password for this
>> wordpress instance, then you're good.
>>
>> Currently the blog is down. I'm going to do an export of it, move it
>> over to a new VPS and hopefully not drag anything malicious along with
>> it. I think I can recreate the user accounts just fine but there's a
>> chance that wont happen and I'll have to recreate things from scratch,
>> which is fine. Except that your passwords will get reset once the blog
>> comes back online.
>>
>> Let me know if you've got any questions. Thanks!
>>
>> --
>> Rubin
>> rubin at starset.net
>>
>>
>
>
> --
> *Elijah Louis Spenser Post
> Mechanic (San Francisco Bike Kitchen)*
> *Participant (NoiseRep at Noisebridge)*
>
>


-- 
*Elijah Louis Spenser Post
Mechanic (San Francisco Bike Kitchen)*
*Participant (NoiseRep at Noisebridge)*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20111208/ad679ebc/attachment-0002.html>


More information about the Noisebridge-discuss mailing list