If there is one thing we love here at Cytrus Logic it is working on hacked sites. Just got done with a WordPress site that was hacked using a very simple exploit. A file was uploaded to a directory that did not have the right permissions.
A couple of back-doors were put in so that at any point when malicious files were removed they could be easily put back in.
The files were then used to send out massive spam emails from the server. The client called us when none of their emails were going through and they couldn’t figure out why. We took a look and realized that there was an unusually large mail queue, 1.2 million to be exact.
We quarantined the site and got them back on track.
Website security is sexy!!