Hacked!

Hacker stock art for just this kind of occasions - link from Eva

Shit.

The MKX® along with several sister sites (The MKX® Photo Central, La Polla América, etc.) were all hacked sometime in the last two days.

It looks like it was done through a security flaw in tinymce, a WYSIWYG text editor used by zenPHOTO, the photo gallery software I use extensively. Google blacklisted me (the horror!) but after I cleaned things up (or rather, Moi did) I can be visited again without raising any flags.

The extent of the damage is still unknown. So far I know that

  • The hack occurred on 2011-11-07 at 18:48.
  • Every .htaccess in my sites were injected with malicious redirects. Moi got rid of them. Here’s one sample .htaccess file (as text).
  • A malicious file class.images.php with obfuscated code was created somewhere inside the zenPhoto installation. I have no desire to reverse engineer it. Here’s the link to the file (as text).
  • An empty index.php file was created next to it.

Looks like I have quite a bit of work ahead of me. Those damn russian hackers! More info here.

One thought on “Hacked!”

Leave a Reply