Freakin' Hackers! Any help would be great!

[DotWeekly]

EDIT:

Ok, so I have been trying to fix my site all day and it has been hacked in some sort of way.

The hackers were able to crack the password and enter in the admin and change some things to DotNothing, instead of DotWeekly.com, making the site not work .

It's all good now.

Leason Learned: Change your passwords OFTEN!

Wishes: Easy way to find hackers, and ring their doorbell and let them meet my buddies Smith & Wesson.

 

[shockie]

it's coming up properly for me. you might want to do a spyware/adware check on your computer as it could be one of those hijacking your browser.

 

[Deaol]

Comes up with the index for me..

 

[sibaong]

it's coming up properly for me. you might want to do a spyware/adware check on your computer as it could be one of those hijacking your browser.

Fine on IE but not on Firefox :?

 

[mis_chiff]

It's coming up great on my firefox Jamie
recent blog post about premiumdrops?
Provided of course that's your site :lol:

 

[sibaong]

Works fine on IE but redirected to donothing .com on my firefox

 

[mis_chiff]

I just checked in IE and it works there also
checked back in firefox to see if I missed the redirect
but there wasn't one on mine

 

[midnight251]

Works fine for me with firefox.

 

[IAmAllanShore]

Shows up just fine here in Firefox, IE, Opera, etc.

 

[.jd.]

Scan your computer, cause it truly is your web browser..

 

[sibaong]

Works fine now

 

[DotWeekly]

Thank you all for checking! It means a lot. Shortly after I posted here, my programmers were able to see what was up.

Somebody hacked into the admin panel and changed things around.

The amazing thing to me, was they hacked in, by figuring out a 9 Character password! I say Character, because there were 4 random numbers in it with 5 letters.

So it's back up, but this was a lesson learned and just shows, that once your site get's some traffic.... the scum's start messing with you.

 

[mkylut]

You can put symbols as well in your password to make it harder for hackers.

example: shY8s09js{]m@a2

 

[-NC-]

1) I'd be surprised if they brute forced your 9 character password without taking down your server first.

2) That means they most likely either exploited your web application, your PC or your server.

3) Is your wordpress fully up to date? WP has a number of vulnerability reports.
http://secunia.com/search/?search=wordpress

4) Your PC might be compromised, I assume you've got an updated os, with updated firewall, AV and spy/adware scanner?

5) You say you have programmers, have they created any custom code for the site? Might want to have them take another look at their code. especially any database queries which might be vulnerable to sql injection. I assume you haven't recently fallen out with any of them?

 

[DotWeekly]

Thank you NC.

I am having them look into it deeply to see exactly what it was.

I think it's down to two things. Either they got in with the password, or they accessed it threw an issue with Wordpress. It very well could of been something to do with Wordpress itself.

It just kind of makes you have a sick feeling in your stomach, knowing there are people out there doing this kind of stuff for whatever reason. I hear it daily, but when it happens to you, it seems totally different. Besides taking down the site for most of the day, they didn't seem to harm anything else, but my guess, was that's all they planned on doing.

 

[-NC-]

There's a good suggestion on secunia to restrict access to the wp-admin directory with .htaccess - might want to look into doing that asap, as then the hacker would also have to bypass your web server security as well as the web app ( little bit of extra hassle for you as you'd have to put in 2 sets of credentials to login )