SWX web site spam hack

Danny emailed me today to say that he'd noticed spam links on the SWX web site (thanks, man!). When I looked, I couldn't see anything. That is, until I looked at the source.

Somehow, someone managed to inject spam links and hide them using display:none. The actual code starts like this:

<u style="display: none">

And then includes the spam links.

I feel they may have gotten in through a vulnerability in the older version of WordPress that the site is running. I am now in the process of upgrading it to the latest version (2.3.2) and having my web host check the servers.

In the meanwhile, though, I didn't want the bastards to gain another penny from having hacked my site so I whipped up a very simple WordPress plugin that checks for and removes those links.

It's called Remove Hidden Spam and you can download it here (.zip; 718 bytes) in case you're affected by this also (Danny told me that Keith was hit by this recently too.) Just copy it to your plugins folder and activate it.
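For checking a page's served HTML for this kind of injection, here is an added example (not the Remove Hidden Spam plugin's code, which is not shown on this page): a small Python scanner that reports every link nested inside an element with an inline display:none style. The function name, the sample markup and the spam.example URLs are constructed for illustration.

```python
import re
from html.parser import HTMLParser

HIDDEN = re.compile(r"display\s*:\s*none", re.I)
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}

class HiddenLinkFinder(HTMLParser):
    """Collect href values of <a> tags that sit inside display:none elements."""
    def __init__(self):
        super().__init__()
        self.stack = []        # (tag, is_hidden) for each open element
        self.hidden_depth = 0  # number of open hidden ancestors
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        hidden = bool(HIDDEN.search(attrs.get("style") or ""))
        if tag == "a" and (hidden or self.hidden_depth) and attrs.get("href"):
            self.findings.append(attrs["href"])
        if tag in VOID:        # void elements never get a closing tag
            return
        self.stack.append((tag, hidden))
        self.hidden_depth += hidden

    def handle_endtag(self, tag):
        # Pop back to the matching open tag, tolerating unclosed children.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                self.hidden_depth -= sum(h for _, h in self.stack[i:])
                del self.stack[i:]
                break

def find_hidden_links(html):
    finder = HiddenLinkFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample: one injected hidden block between legitimate links.
SAMPLE = '''<div id="footer"><p>Visible <a href="/about">about</a></p>
<u style="display: none"><a href="http://spam.example/pills">pills</a>
<a href="http://spam.example/loans">loans</a></u>
<a href="/contact">contact</a></div>'''

if __name__ == "__main__":
    for href in find_hidden_links(SAMPLE):
        print("hidden link:", href)
```

It only sees inline style attributes, so links hidden through a stylesheet class or script would need a rendered-DOM check instead.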
