FURTHER: WordPress Hackers on the Loose

Thu, 23 Aug 2018


If you run a WordPress website, and have a shopping cart where you sell things, we STRONGLY recommend that you log into your site ASAP and check your PAYMENT settings.  We've seen at least one instance where the hackers changed the PayPal address in the WordPress payment settings to their own PayPal account, and were able to steal some payments from the shopping cart.

If you can't log in, that's further evidence that you've been hacked.  Contact us and we can help you get acces to your site again.

Dear website owner,

If you have a WordPress website hosted with us, you need to read this message.  If you do not have a WordPress website, or you do but it's not hosted with us, you can ignore this message.  If you don't know, reply to this email and ask.

There has been a large spate of WordPress hacks in the last couple of days.  Hackers have found a vulnerability in WordPress, and are using it to get in and take control of WordPress websites.  If you have a WordPress website, it's possible (perhaps even likely) that you have been hacked.

How can I tell if I've been hacked?

Attempt to log into the administration are of your WordPress website with your admin username and password.  If you can't log in, you may have been hacked.  Try the "Lost your password" link on the login page, and put in your username.  If the username doesn't get located, you've probably been hacked.  If you succeed in logging in, click the "Users" link in the left-margin of the admin area.  Look for any suspicious usernames. If you see any, delete them.

If you can't log in at all, it's pretty certain that you've been hacked.  The only solution is to let us know.  We can fix it for you.

If you use our "WordPress Security Monitoring" service, then we will fix this for you for free.  If you do not use that service, we will charge $80 + GST to do this for you.  At the same time, we will update your WordPress to the latest version, including all plugins and themes.

Our "WordPress Security Monitoring" service costs $50 + GST per year per site.  It DRAMATICALLY reduces your chances of being hacked, not to mention relieves you of the burden of constantly keeping your site up-to-date.  Let us know if you want that service for your site.