Intrusion via Jetpack
-
I believe somebody was able to create an admin account on our site via jetpack. I’m not exactly sure how this happened but they were able to make an account called ‘wordpress’ with e-mail (email visible only to moderators and staff) which had full admin rights. I panicked when I found out and immediately deleted the user and blacklisted the ip 41.140.133.36 from morocco. I am looking at apache logs and their first contact with our site was via wordpress.com login function.
Anybody have any idea how to check for damage?
The blog I need help with is: (visible only to logged in users)
-
Hello there,
I’m sorry to say that you are posting to the wrong support forum.
The wordpress.ORG support forum is at http://wordpress.org/support. The wordpress.ORG login link is here https://login.wordpress.org/ If you do not have an account yet then click Create an account https://login.wordpress.org/register/ and if you have lost an account password click Lost password? https://login.wordpress.org/lostpassword/
WordPress.org support docs are at https://codex.wordpress.org/Main_Page
See also https://apps.wordpress.org/support/ for app support.Some Jetpack solutions are here http://jetpack.com/support/
Others are in the Jetpack support forum at WordPress.org
http://wordpress.org/support/plugin/jetpack
However, if help cannot be found at either one then they can file a Jetpack support ticket here > http://en.support.wordpress.com/contact/?jetpack=needs-service
See also https://apps.wordpress.org/support/ for app support.
- The topic ‘Intrusion via Jetpack’ is closed to new replies.
WordPress.com Forums 