Joho the Blog » hacked

February 28, 2010

I’ve been hacked. Help?

My WordPress account has been hacked.

JohoTheBlog’s RSS feed is showing up in NewzCrawler embedded in spam. Results at Google have begun showing up with spammy titles (“Buy Online, No RX (Prescription) Required! » Zoloft online stores”), with long, hacked URLs (

Googling around tells me that there have been similar-seeming attacks on WordPress accounts.This article is quite helpful. I found some odd cruft in my header.php, have changed passwords, and am stilling looking around.

Any other suggestions?


June 28, 2009 was hacked, now is clean was hacked by dirty stinking bad-hackers so that it was spewing Xanax ads. We think this was an XML-RPC exploitation. It’s now fixed (thanks Brad Sucks!), and I’ve asked that it be reviewed by so that it will no longer be put behind a warning page. Sorry if this has inconvenienced any of you.

[Tags: ]


Creative Commons License
Joho the Blog by David Weinberger is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

Creative Commons license: Share it freely, but attribute it to me, and don't use it commercially without my permission.

Joho the Blog gratefully uses WordPress blogging software.
Thank you, WordPress!