UPDATE – ANOTHER HACK !!!!! Started January 2013
And this Time I used the most current version of OP!!!
This folder was infected:
and in April:
You want your blog get hacked? Infiltrated? Use Optimizepress and get it hacked!
OptimizesPress is a security risk!
Sadly I only found out, when I completely scanned my harddrive with avast.. and my old backups
Even the crapshit clamAV never found anything.
Now I have to check my installation, see what is messed up…
Dont come with „use the latest blabla“. I USED the latest version!!!
one of my smaller blogs got hacked on friday the 25th.
2 files got infected, I cant say if the database is infected (just restored a 1 week old backup to be save).
I found 2 files infected (so far.. )
I did some research and found out: it was OptimizePress!
It was OptimizePress that allowed my wordpress blog to be hacked!
They offer a german (old) 1.43 version, that hat the faulty timthumb exploit. I used it on my german squeeze page and got hacked…
A few days ago, they released 1.45 in german..
I checked other languages, like french an spanish, the offer the insecure 1.43 in those languages.
This exploit is 4 months old, and they do nothing to secure their customers!
And the secure 1.45 was released just a few days ago.. Thats about 4 months of unsecure wordpress template!
French, russian, spanish? DONT USE IT!
So? How can this be?