hacked by ./pH4TH0rM0n
Apparently someone thought it be funny to try to hack my network of websites. Has anyone run into this hacker? I had a few sites that weren't up to date with Wordpress.
The hack did add some files and I also can't remove a directory for some reason.
+ added
wp-trackback2.php
+ modified
wp-login.php
+ replaced index.php and wherever else it could with a hacked by page.
Akismet plugin had a few files added and replaced too so advised to remove the plugin and replace.
Any of my sites that were using a under construction plugin and was active, had not been compromised except for just the index.php in root (so the script that was used to replace the index.php files I guess just said no you can't write files in here).
If anyone has any information on this hack (complete removal information) as I don't know if there may be something injected into the mysql database either, as one of my sites still shows hacked by if you link via facebook, although I removed files.