WordPress Site Hacked

My WordPress site was hacked to the point where the hacker/bot was able to create categories and posts.
Some of the posts created were...

Master Of Papers . Com examination: top service to get college assignments asap & guaranteedly
Papers Monster . Com close-up: trustworthy company to receive papers readily and on time
BUYESSAY.NET overview: prime corporation to get research papers quickly & at the right time

What could have happened here?
Who could have done these and how?

Any help would be appreciated, thanks!
killdurst Asked:

Mal Osborne, Alpha Geek, Commented:
95% chance the root cause was one of two things:

1. A failure to keep patching reasonably current.
2. A stupid password.

Anything else would be a long shot.

Uptime Legal Systems Commented:
It was most likely just random that your site got hit, but it would be through some WP vulnerability and a code injection. One downside to how popular WP is would be that people have access to it and to the code, so these pop up pretty frequently.

Keeping your WP site up to date is the most important thing, and then of course anywhere you have a submission form make sure you have captcha or some verification in place to help limit bot activity. I'd suggest at least once a week running updates on the site.
Jean Kathlyn Belarmino Commented:
To answer your questions,

What could have happened here? <--- You already know it was hacked and hijacked, you're also already aware that it's a bot or an automated script creating blog posts & categories advertising those things on random sites running on a WP platform ...

Who could have done these and how?

Someone paid to do advertising or some glitchy programmer student or hobbyist, lol! To their understanding spreading the links online will boost up their site via keywords for search engine crawlers. A script embedded onto a server. You'll only need a list of sites to target... input. run. and watch it post awaaayyyy!!!

You can ditch WP and switch to a more secured CMS platform.  :P!!
William Nettmann, PHP Web Developer, Commented:
The same thing happened to me, and it wasn't so much a WP vulnerability as an FTP exploit. I had pretty decent passwords, too - 13 characters, completely mixed. I found the evidence in my server logs after I found the hack.

What I have done:

Replaced WordFence with iThemes Security, and followed all the recommendations on their audit.
Disallowed FTP on the server, only SFTP with key-based authentication, no passwords
Disallowed passwords for SSH, only key-based authentication
Installed and configured Fail2Ban to globally deny access to anyone who has more than 1 failed login.
Signed up with CloudFlare - not only faster, but more secure. (Free)
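
Several answers above point at weak passwords or an unpatched entry point, and the comment above mentions finding the evidence in server logs. The following is an added example, not code from any participant in this thread, showing one way to triage a web access log for the login and content-creation requests behind spam posts. It assumes the "combined" log format and stock WordPress paths; the function names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in "combined" access-log format (documentation IPs, invented times).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2018:02:10:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "bot"
203.0.113.7 - - [12/Mar/2018:02:10:02 +0000] "POST /wp-login.php HTTP/1.1" 200 3120 "-" "bot"
203.0.113.7 - - [12/Mar/2018:02:10:03 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "bot"
203.0.113.7 - - [12/Mar/2018:02:10:05 +0000] "POST /wp-admin/post.php HTTP/1.1" 302 0 "-" "bot"
198.51.100.9 - - [12/Mar/2018:03:00:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 410 "-" "bot"
192.0.2.44 - - [12/Mar/2018:09:15:00 +0000] "GET /wp-login.php HTTP/1.1" 200 2900 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Mar/2018:09:15:09 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# Stock WordPress endpoints through which posts or categories can be created.
WRITE_PATHS = {"/wp-admin/post.php", "/wp-admin/edit-tags.php", "/xmlrpc.php",
               "/wp-json/wp/v2/posts", "/wp-json/wp/v2/categories"}

def triage(log_text):
    """Per-IP counts of login POSTs and POSTs to content-creating endpoints."""
    stats = defaultdict(lambda: {"failed_logins": 0, "logins": 0, "writes": []})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m.group(3) != "POST":
            continue
        ip, when, _, url, status = m.groups()
        path = url.split("?", 1)[0]
        if path == "/wp-login.php":
            # Assumption: stock WordPress re-renders the form (200) on a failed
            # login and redirects (302) on success.
            stats[ip]["logins" if status == "302" else "failed_logins"] += 1
        elif path in WRITE_PATHS and status[0] in "23":
            # A 2xx/3xx here is a lead to review, not proof that content was written.
            stats[ip]["writes"].append((when, path))
    return dict(stats)

def suspects(stats, min_failures=2):
    """Flag IPs whose pattern matches password guessing or API-only posting."""
    flagged = {}
    for ip, s in stats.items():
        if s["failed_logins"] >= min_failures and s["logins"]:
            flagged[ip] = "login succeeded after repeated failures"
        elif s["writes"] and not s["logins"]:
            flagged[ip] = "content endpoint used without a form login"
    return flagged

if __name__ == "__main__":
    for ip, reason in suspects(triage(SAMPLE_LOG)).items():
        print(ip, reason)
```

If the web log shows no matching requests around the time the spam posts appeared, the FTP, SFTP and SSH authentication logs are the next place to look.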
Pallavi Godse, Sr. Digital Marketing Executive, Commented:
Hi,
Here's a Wordfence cleaner tutorial to clean your hacked WordPress site -
https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/