Hindsight… It’s is a wonderful thing!

A couple of hours ago I received an automated email from our Travelblog site, saying that we had a new user registration; which was strange, since we disabled that feature a long time ago!  Great! We’ve just been hacked!

I put my hands up in the air, I’d been running an old version of WordPress (2.2) … which I’ve been meaning to upgrade for a long time; but hey, I’ve bought a house, had a baby and build my business during that time! It’s not been at the top of my priories.  So yes, I’m aware of the security holes/risks, etc.

Needless to say, WordPress 2.2 has an ugly security hole which allows hackers to remotely inject SQL statements into the database.  I’d heard about this at the time, but thought I was covered because it relied on the hacker having a valid username/password (see the trac ticket). Well it seems they don’t!

Within a minute of receiving the new user registration email, I deleted the user account, changed our passwords and upgraded to WordPress 2.6 – which came with it’s own set of problems (i.e. all the category names disappeared).

Here are the details of the would-be hacker, so others know about him:

Username: sidon

E-mail: Dimka@hotmail.com