Jump to content

What was the AnonymousFox hack?


Recommended Posts

Someone mass-hacked just about every WordPress installation on Tommy, then dropped a bunch of malware. Some of the accounts also had a spambot or phishing set up on them. The name of the hack comes from the username of the admin account the hacker created in the WordPress database on compromised accounts. We ended up just mass-banning almost every WP user on Tommy (without backups due to malware and phishing), then giving them new accounts. 


The interesting part is that whatever hack they used works on fully up to date, extension-free WordPress installs, meaning there's a severe security hole in WP's core. People around the world were reporting this hack on different hosts too around the same time. WP themselves...they spent their time deleting people's complaints, closing hack reports as no issue found, and denying the hack exists despite the obvious evidence to the contrary.


Just another reason to never use WordPress...

  • Like 1
Link to comment
Share on other sites

  • 4 weeks later...

Wow!  Has this issue been resolved yet?  I'm a great user of WordPress - also a fan.  I've been using WordPress for years without having a problem with it or it been hacked.  I've used it on a number of servers spread far and wide.  I've used it on VPSs and shared hosting accounts.  I've installed it from the command line, from Softaculous and from other Softaculous alternative tools.


Would be very interesting to know how the hacker managed to infiltrate the installation process.

Edited by deanhills
Link to comment
Share on other sites

Nope, and likely never will be considering they actively denied the issue exists. WordPress is our (and many other hosts') leading cause of hacked accounts, high load, phishing, and spam. It's not the install process, they hack the actual installed product. The extensions are even worse when it comes to security.


The product is just so poorly written that there's no good way to actually fix the security issues with it without just throwing it out and starting over. WP has been around forever and has AFAIK never seen a full rewrite. As a result, it's a pile of really ugly legacy procedural code that just keeps getting tweaked, extended, and patched over and over again. Most other CMSes of this age have been fully rewritten at least once, if not twice or more.


Drupal had a massive overhaul between v7, 8, and 9. Joomla did the same between v2 and v3.


Seriously, there's zero good reason to be using WordPress at this point. It's almost certainly the worst product available in the CMS market from a security standpoint, but sadly also the most popular. That means it only faces an even worse time than most, because hackers like popular software as targets, and it's also an easy target.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...