Exploit: Hacked by badi
The problem seems to affect Wordpress sites mainly but could also effect other kinds of scripts. The exploit seems to be cPanel specific and VlexoFree is now protected from it.
The exploit is nothing more than a defacement. No wordpress files have been changed as a result of the exploit. The only changes made by the exploit are to the wordpress database in the following locations: the wordpress title, charset, and widgets.
The following is a How-To to reverse the changes caused by the exploit.
- Under Settings -> reading, change charset from UTF-7 to UTF-8
- You will need to reset all your widgets as the hack removes them all
- Under Settings -> General, change your site title back to what it was previously.
- Ensure your wp-config.php file's permissions are set to 600 - This can be done from within cPanel by going into your file manager