Drupageddon

Your Drupal website has a backdoor

I estimate hundreds of thousands of Drupal websites now have backdoors; between ten and ninety percent of all Drupal websites. Automated Drupageddon exploits were in the wild within hours of the announcement. Updating or patching Drupal does not fix backdoors that attackers installed before updating or patching Drupal. Backdoors give attackers admin access and allow arbitrary PHP execution.

This is not a drill: Update Drupal 7 NOW

Half of a client's Drupal 7 sites were compromised over the weekend.

If you did not update your Drupal 7 website by about Friday, your site was probably hacked too: Update to Drupal 7.32 or apply the patch manually updating is not trivial.

After that, you will need to review your site's administrator users, permissions, logs and content for unexpected users, roles, permissions, content and and scripts.

Syndicate content