Miniology site impacted by plugin vulnerability

Hacked? Us?

You may have noticed our recent blog entries had some goofy “Support WordPress” footer text with links to pharma/med sites. This was a result of one of our plugins that had a code vulnerability which was exploited by a bot, in simple terms, someone got a bit of free advertising out of us until it was fixed.

Many thanks to Ian (GBMINI) for taking the time to point out the anomaly, which we were then able to address and fix last night.

What was it?

This exploit was simply a spamvertising bot that added a few links to our footer (which happened to be displayed at the end of each post).

Some 94 php files were tagged and fixed by Wordfence (one of our security plug-ins), the other php files were pruned manually by our team of super-hawt hacker geeks that take care of such things for us. 😉

Nobody’s info was compromised, heck, we can barely keep track of our own email addresses, skype ID’s and phone numbers offline, let alone storing anything of yours on the site (which we don’t!)

If you’ve used the online store (ExpressionGraphix is on hiatus, btw) or sent comments to us, none of that information was shared with anyone outside of Miniology staff.

However, now all is well again, and we’ve locked down the site with fresh updates to the core files, as well deployed an even stronger CAPTCHA challenge routine, just because, you know, we like to keep up on that sort of thing.

Thanks for your attention, sorry for any inconvenience, and motor on!

Christopher “StarLord” Calhoun
Producer/Editor, Miniology.com