• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

BobbyVoicu.com

  • Home
  • Entrepreneurship Articles
  • Startup Videos
  • About Me
  • Blog / Archive

The CEO Library SEO hacked

January 1, 1970 By Bobby Voicu Leave a Comment

About two weeks ago I’ve discovered (completely by mistake) that this site’s been hacked since June 2019. I don’t know how, unfortunately. I assume a WordPress plugin vulnerability. Here’s what happened. Unfortunately I don’t have many screenshots because I got the idea of writing this after I sorted it out (with SOME help from the hosting provider).

Symptoms:
– 2 articles in an Indian dialect that had links to gambling sites
– the articles were put in a new category called “Uncategorizable” (almost similar to the initial default category, “Uncategorized”). It’s almost similar to that initial category that you don’t really notice (I surely didn’t).
– the above category is made Default Category. This doesn’t allow you to delete the category from the Posts > Categories main menu in the dashboard.
– the articles were dated to 2016, a full year before any of the articles on the site (and the start of the site to begin with)
– the articles were written by a user with the ID “wordpress”, made administrator, that wasn’t visible in the WordPress Users dashboard, even though the Administrator count was correct (see image below)

How I found the hack:

– by mistake. I’m looking at some issues with how archives look on The CEO Library and I went to see the first books ever entered on the site. That’s when I noticed the two articles that were definitely not books :)

What I did:

– I first Drafted the two articles. I could’ve deleted them, but I wanted to see if I could do anything else. I couldn’t and, in the end, I deleted them.
– I contacted the WPXhosting support team. After about 10 days of badgering them every 2 days (I don’t know wtf happened there, because they normally answer super quickly), they confirmed the hack and told me the hack is from plugins using an outdated version of the Adminer plugin.They repaired the files and told me a list of other plugins that might have issues. I prefer not to put the list of files and plugins here since I feel I expose this site more than I’m comfortable with. If it happens to you, a WordPress antivirus program should find it.
–

Filed Under: Uncategorized

Bobby Voicu

Bobby Voicu writes here from time to time.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Friends

  • Andrei Rosca
  • Dr. Alexandra Mircea
  • Emi Gal
  • Miruna Sfia
  • Rød Mallo Leiva
  • Sami the Westie
  • Vlad Balan
  • Vladimir Oane

The CEO Library Collections

  • Best Leadership Books
  • Best Productivity Books
  • Women Entrepreneur Books

Copyright © 2021 · Privacy Policy · Disclaimer

We use cookies to enhance your experience. By clicking "Ok" or by continuing to use the site, you agree to this use of cookies and data. Ok