Got hit again, briefly. Was able to recover very quickly thanks to the Git repos I had set up previously. I found a couple extra backdoors, using some alternate obfuscation methods. Instead of the typical eval(base64_decode(… the attacker instead took … Continued
(See parts one and two for background information.). My sites are almost fully recovered. I’ve ditched the old fancy theme in favor of a more austere default theme that turns out to have some pretty nice features. I like minimalism … Continued
I’ve been working on a Rails app that needs to integrate with an existing userbase found in a WordPress installation. One problem I’ve encountered is that her main website that manages subscriptions and users is in WordPress. Users will register … Continued
Time for some investigative work. This post may get unapologetically technical. So I began by looking at my access logs from the day that the compromise occurred, I started with just a full browse of the log to look for … Continued
So as I mentioned in my previous post, this blog was compromised earlier today, with the nefarious base64() hack. I’m still picking up the pieces, and viewing this as being pushed into finally switching to a new theme (I’ve been … Continued