I thought the Muti headline was a little sensationalist, so I clicked through to find out what was going on, and this is what I was presented with:
2oceansvibe.com was (and hopefully will be, again) a community blog centered in South Africa. The new edition was running off Wordpress, and I’m left wondering just how the hacker actually pulled this off. At the time of that screenshot, the source code indicated that the document was actually generated in Word - so I’m guessing he somehow got in via FTP, but we won’t know for a while yet.
This form of hacking is called “defacing”, and as you can see, is all about replacing the site with a page of your own. This is one of the more common forms of “hacking”, especially on sites that can’t be exploited for anything more than their traffic.
I’m sure we can all learn something from this - make your password hard to guess, guys…
You were probably running an old version of Wordpress that had exploits. Keeping your wordpress up-to-date is probably the best way to keep hackers out. Especially if you allow for registration.
I don’t know. It didn’t look like a Wordpress exploit to me. Trying to do what the hacker did would probably require FTP access, but then again, I don’t exactly try to hack sites to see where they’re vulnerable…