I am beginning to run into more and more website hacks lately and it is really becoming quite the head ache. Lucky for me, I run weekly backups of my sites and am able to quickly and easily restore them after the hacks.
The most recent hack I have run into was rather pointless as all they did was hijack the website and display a different index.php page and change the username in my WordPress database. Here is a screen shot of what appeared on the website when I went to it:
As you can see all it does is display the text:
OpPs !! Channal One is Here !!
Saudi Arabid HaCkeR
Hacked By EjRam 7rb ~ ReD HaT TeaM
… and then a bunch of other crap here.
To remove the hack simply login to your them and delete the index.php file and replace it with a clean one. Or, if you have a backup of your whole theme folder just delete it all and replace it. You will also want to check your login name and on my site they changed it to r00t as the username and who knows what the password was.
After you clean it up change your passwords and tighten up security. There are a number of WordPress plugins that can help with security including Login Lockdown.
Basically, the moral of the story is to keep a backup of your WordPress files and database all the time. You just never know when your site might be hacked. Oh, and if you think your site won’t be hacked because you are small time, think again. The site of mine that was hacked nets less than 20 visitors a week.