Several of my websites were hacked yesterday.
The site would load and display for a moment and then the entire window would show white with the text “By Iskorpitx“. Because the site loaded, I knew that it was something within the core of WordPress itself or a plugin or a theme which has been hacked which causes this.
It took me quite some time and I just discovered the issue now. At first I switched the theme, deactivated all plugins and started digging through code but I couldn’t exactly find what was causing this. Eventually I realized that there had to be a SQL injection of some sort and that the issue was in the database itself.
I assume that the hacking by Iskorpitx will be different each time depending on the exploitations he finds in the software. Based on my research, the discussions are mostly related to WordPress and Joomla which are being targeted.
Apparently this infamous Turkish hacker broke a world record in 2010.
Good thing we also have constant, continuous backups running on the server to a remote server in case a site has been hacked and cannot be fixed quickly like this.
Good luck to you and I hope this article will be useful to any other victims struggling to find the source of the hack.