How Wordpress Blogs Are Hacked

Wednesday, February 20, 2008 by Mistlee

How Wordpress Blogs Are Hacked

By Barry Welford

The previous two articles in this series have suggested ways to combat the ever-increasing hack attacks that WordPress blogs are receiving. In this final article, we will discuss some real-life examples and what can be learned from them. As a disclaimer, it should be noted that some hackers are very skilled and are continually improving their methods. These are anecdotes from the past and the future will undoubtedly be very different.

Typical Hacking Exploits

For specific details of typical hacking exploits, the following accounts are particularly good:

The methods used in these cases are probably all the work of one hacker, by nickname goro, who may well have been one of the commenters on the first of these three posts.

We will not go into the specific details here (since they will undoubtedly evolve), but rather discuss the bigger picture associated with these exploits. In the case of the hacking done on the SMM blogs, there were some clever refinements. The mechanism inserted on the domain generated hundreds of random, unique blog post web pages, which included links to online pharmaceutical web pages. Since the websites were well ranked in Google, many of these hundreds of blog posts were served to the search engine spiders as they made their visits. After a period of hours, the mechanism then stopped. This may have been to avoid a huge spike in traffic, which would have been more easily

How Google May Have Rewarded Their Efforts

During the last two or three months, Google has been giving much more rapid visibility and higher ranking to blog posts in its regular web search. In the latter part of January, blog posts appropriate for particular keyword searches would appear within a small number of hours in the regular web search. The algorithm may well be using the RSS news feeds associated with the blogs. This gave particular prominence to the blog posts generated by the hacking mechanism. They would almost always appear among the top five positions on a search for particular online pharmaceuticals and often in the first position. Presumably this gave a significant economic advantage to the hacker.

Continue reading this article.

DevWebProUK News Archives About Us Feedback DevWebProCanada Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact