Blog Has Been Hacked

• 

  maragov · Member · Nov 14, 2013 at 9:35 am

  • Copy link
  • Add topic to favorites

  Kindly be informed that a website under your administration has been defaced.
  Below are the information gathered from the defacement:

  IP: 66.155.11.238
  URL: http://ewarta.mara.gov.my/search/HACKED%2BBY%2BCgt_Yakuza
  Server Information: nginx on Unknown

  The blog I need help with is: (visible only to logged in users)

• 

  adyromantika · Member · Nov 14, 2013 at 2:29 pm

  • Copy link

  What you mean has been hacked? Can you describe what you saw?

• 

  maragov · Member · Nov 14, 2013 at 6:19 pm

  • Copy link

  why this link appear http://ewarta.mara.gov.my/search/HACKED%2BBY%2BCgt_Yakuza

• 

  timethief · Member · Nov 14, 2013 at 6:21 pm

  • Copy link

  Who, aside from you, has access to your login information?

  Go to your email program and change the password to a very difficult one because that’s how many hackers gain access to blogs

  1. If you can log-in go here > Users > All Users and delete any user that does not belong there.

  2. Disable post by email > http://en.support.wordpress.com/post-by-email/

  3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/

  4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password

  5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.

  6. Set up two step autheneticateion http://en.support.wordpress.com/security/two-step-authentication/

  Then read this please knowing that blogs don’t get hacked when security protocols are followed. > http://en.support.wordpress.com/security/

• 

  timethief · Member · Nov 14, 2013 at 6:22 pm

  • Copy link

  I’ll tag this thread for a Staff follow-up. Please subscribe to the thread so you are notified when they respond and please be patient while waiting.

• 

  adyromantika · Member · Nov 15, 2013 at 12:44 am

  • Copy link

  The link that you provided is a search link, and it only means that someone searched for the term in the search box. Did you see it from the stats page?

  If so, it doesn’t mean that your blog has been hacked. It just means that someone has searched for it using the search function. Although it might mean that someone is trying something bad, I trust that WordPress.com is not that easy to break in.

  Unless of course by guessing weak password, which you have to be careful about since this is a Government website and is a popular target for many hacking groups.