Hacker sent mass mail to all my users.. HOW??
I'm running V3.3 of classipress and recently I noticed someone sent a mass mail to all my users (over 2200) with the below message.
Someone is interested in your ad listing:
http://www.kingdomsale.com/ads/domai...for-your-sites
"أنا عبدو راشيل رأيت الإعلان الخاص بك
في هذا الموقع قررت الاتصال بك استناداً
إلى القيام البحث الخاصة بك الحصول على
العودة إلى لي مع هذا البريد الإلكتروني
(rachelle_abduo@yahoo.co.uk) لمزيد من المناقشات.
I am Rachelle Abduo i saw your advert on this site i decided to
contact you based on your searching do get back to me with this email
(rachelle_abduo@yahoo.co.uk) for more discussions."
Name: Rachelle Abduo
E-mail:
rachelle_abduo@yahoo.co.uk
-----------------------------------------
This message was sent from
http://www.kingdomsale.com/
Sent from IP Address: 41.82.81.173
The IP is from SENEGAL (Known country for Fraud).. I'm not sure how he gained access to all the mails of my users and how he managed to send it.. He obviously sent it from the server it is hosted because I checked the logs and the server received a lot of relayed emails and high memory usage..
This is the second time this happens.. The first time it happened (1 week ago), I decided to change my password and installed the following plugin: Better
WP Security
I secured my
WP (It was already well secured) but it seems the hacker was able to abuse again.
I scanned for exploit files or shady files and found that my directory was clean..
Any help ?
Thanks